At this point, you’ve compiled, installed, configured, started, and tested a simple FreeRADIUS implementation that is functional. However, 99.5% of the RADIUS/AAA implementations around the world are just not that simple. In this section, I’ll delve into the two major configuration files and discuss how to tweak, tune, customize, and effect change to the default FreeRADIUS installation. In Chapter 6, I’ll discuss advanced topics, such as pluggable authentication module (PAM) support, integration with MySQL, LDAP usage, and other topics.
radiusd.conf file is the central location to configure most aspects of the FreeRADIUS product. It includes configuration directives as well as pointers and two other configuration files that may be located elsewhere on the machine. There are also general configuration options for the multitude of modules available now and in the future for FreeRADIUS. The modules can request generic options, and FreeRADIUS will pass those defined options to the module through its API.
Before we begin, some explanation is needed of the operators used in
the statements and directives found in these configuration files. The
= operator, as you might imagine, sets the value
of an attribute. The
:= operator sets the value of
an attribute and overwrites any previous value that was set for that
== operator compares a state with a set value. It’s critical to understand how these operators work in order to ...