update freeradius

2025-12-25 06:49:31 +01:00 · 2016-07-28 13:35:00 +08:00
parent 5dd6960b32
commit f1ba5edda1
7 changed files with 369 additions and 17 deletions
--- a/freeradius/mysql/00-setup.sql
+++ b/freeradius/mysql/00-setup.sql
@@ -0,0 +1,24 @@
+# -*- text -*-
+##
+## admin.sql -- MySQL commands for creating the RADIUS user.
+##
+##	WARNING: You should change '%' and 'radpass'
+##		 to something else.  Also update raddb/sql.conf
+##		 with the new RADIUS password.
+##
+##	$Id: aff0505a473c67b65cfc19fae079454a36d4e119 $
+
+#
+#  Create default administrator for RADIUS
+#
+CREATE USER 'radius'@'%';
+SET PASSWORD FOR 'radius'@'%' = PASSWORD('radpass');
+
+# The server can read any table in SQL
+GRANT SELECT ON radius.* TO 'radius'@'%';
+
+# The server can write to the accounting and post-auth logging table.
+#
+#  i.e.
+GRANT ALL on radius.radacct TO 'radius'@'%';
+GRANT ALL on radius.radpostauth TO 'radius'@'%';
--- a/freeradius/mysql/01-schema.sql
+++ b/freeradius/mysql/01-schema.sql
@@ -0,0 +1,153 @@
+CREATE DATABASE radius;
+USE radius;
+
+###########################################################################
+# $Id: ca5ac77aa03dbb86ef714d1a1af647f7e63fda00 $                 #
+#                                                                         #
+#  schema.sql                       rlm_sql - FreeRADIUS SQL Module       #
+#                                                                         #
+#     Database schema for MySQL rlm_sql module                            #
+#                                                                         #
+#     To load:                                                            #
+#         mysql -uroot -prootpass radius < schema.sql                     #
+#                                                                         #
+#                                   Mike Machado <mike@innercite.com>     #
+###########################################################################
+#
+# Table structure for table 'radacct'
+#
+
+CREATE TABLE radacct (
+  radacctid bigint(21) NOT NULL auto_increment,
+  acctsessionid varchar(64) NOT NULL default '',
+  acctuniqueid varchar(32) NOT NULL default '',
+  username varchar(64) NOT NULL default '',
+  groupname varchar(64) NOT NULL default '',
+  realm varchar(64) default '',
+  nasipaddress varchar(15) NOT NULL default '',
+  nasportid varchar(15) default NULL,
+  nasporttype varchar(32) default NULL,
+  acctstarttime datetime NULL default NULL,
+  acctupdatetime datetime NULL default NULL,
+  acctstoptime datetime NULL default NULL,
+  acctinterval int(12) default NULL,
+  acctsessiontime int(12) unsigned default NULL,
+  acctauthentic varchar(32) default NULL,
+  connectinfo_start varchar(50) default NULL,
+  connectinfo_stop varchar(50) default NULL,
+  acctinputoctets bigint(20) default NULL,
+  acctoutputoctets bigint(20) default NULL,
+  calledstationid varchar(50) NOT NULL default '',
+  callingstationid varchar(50) NOT NULL default '',
+  acctterminatecause varchar(32) NOT NULL default '',
+  servicetype varchar(32) default NULL,
+  framedprotocol varchar(32) default NULL,
+  framedipaddress varchar(15) NOT NULL default '',
+  PRIMARY KEY (radacctid),
+  UNIQUE KEY acctuniqueid (acctuniqueid),
+  KEY username (username),
+  KEY framedipaddress (framedipaddress),
+  KEY acctsessionid (acctsessionid),
+  KEY acctsessiontime (acctsessiontime),
+  KEY acctstarttime (acctstarttime),
+  KEY acctinterval (acctinterval),
+  KEY acctstoptime (acctstoptime),
+  KEY nasipaddress (nasipaddress)
+) ENGINE = INNODB;
+
+#
+# Table structure for table 'radcheck'
+#
+
+CREATE TABLE radcheck (
+  id int(11) unsigned NOT NULL auto_increment,
+  username varchar(64) NOT NULL default '',
+  attribute varchar(64)  NOT NULL default '',
+  op char(2) NOT NULL DEFAULT '==',
+  value varchar(253) NOT NULL default '',
+  PRIMARY KEY  (id),
+  KEY username (username(32))
+);
+
+#
+# Table structure for table 'radgroupcheck'
+#
+
+CREATE TABLE radgroupcheck (
+  id int(11) unsigned NOT NULL auto_increment,
+  groupname varchar(64) NOT NULL default '',
+  attribute varchar(64)  NOT NULL default '',
+  op char(2) NOT NULL DEFAULT '==',
+  value varchar(253)  NOT NULL default '',
+  PRIMARY KEY  (id),
+  KEY groupname (groupname(32))
+);
+
+#
+# Table structure for table 'radgroupreply'
+#
+
+CREATE TABLE radgroupreply (
+  id int(11) unsigned NOT NULL auto_increment,
+  groupname varchar(64) NOT NULL default '',
+  attribute varchar(64)  NOT NULL default '',
+  op char(2) NOT NULL DEFAULT '=',
+  value varchar(253)  NOT NULL default '',
+  PRIMARY KEY  (id),
+  KEY groupname (groupname(32))
+);
+
+#
+# Table structure for table 'radreply'
+#
+
+CREATE TABLE radreply (
+  id int(11) unsigned NOT NULL auto_increment,
+  username varchar(64) NOT NULL default '',
+  attribute varchar(64) NOT NULL default '',
+  op char(2) NOT NULL DEFAULT '=',
+  value varchar(253) NOT NULL default '',
+  PRIMARY KEY  (id),
+  KEY username (username(32))
+);
+
+
+#
+# Table structure for table 'radusergroup'
+#
+
+CREATE TABLE radusergroup (
+  username varchar(64) NOT NULL default '',
+  groupname varchar(64) NOT NULL default '',
+  priority int(11) NOT NULL default '1',
+  KEY username (username(32))
+);
+
+#
+# Table structure for table 'radpostauth'
+#
+CREATE TABLE radpostauth (
+  id int(11) NOT NULL auto_increment,
+  username varchar(64) NOT NULL default '',
+  pass varchar(64) NOT NULL default '',
+  reply varchar(32) NOT NULL default '',
+  authdate timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+  PRIMARY KEY  (id)
+) ENGINE = INNODB;
+
+#
+# Table structure for table 'nas'
+#
+CREATE TABLE nas (
+  id int(10) NOT NULL auto_increment,
+  nasname varchar(128) NOT NULL,
+  shortname varchar(32),
+  type varchar(30) DEFAULT 'other',
+  ports int(5),
+  secret varchar(60) DEFAULT 'secret' NOT NULL,
+  server varchar(64),
+  community varchar(50),
+  description varchar(200) DEFAULT 'RADIUS Client',
+  PRIMARY KEY (id),
+  KEY nasname (nasname)
+);
--- a/freeradius/mysql/README.md
+++ b/freeradius/mysql/README.md
@@ -0,0 +1,46 @@
+FreeRadius MySQL
+================
+
+## SQL Patch
+
+```
+$ wget https://github.com/FreeRADIUS/freeradius-server/raw/release_3_0_11/raddb/mods-config/sql/main/mysql/setup.sql
+$ wget https://github.com/FreeRADIUS/freeradius-server/raw/release_3_0_11/raddb/mods-config/sql/main/mysql/schema.sql
+```
+
+File: 00-setup.sql
+
+```diff
+#
+#  Create default administrator for RADIUS
+#
+CREATE USER [-'radius'@'localhost';-]{+'radius'@'%';+}
+SET PASSWORD FOR [-'radius'@'localhost'-]{+'radius'@'%'+} = PASSWORD('radpass');
+
+# The server can read any table in SQL
+GRANT SELECT ON radius.* TO [-'radius'@'localhost';-]{+'radius'@'%';+}
+
+# The server can write to the accounting and post-auth logging table.
+#
+#  i.e.
+GRANT ALL on radius.radacct TO [-'radius'@'localhost';-]{+'radius'@'%';+}
+GRANT ALL on radius.radpostauth TO [-'radius'@'localhost';-]{+'radius'@'%';+}
+```
+
+File: 01-schema.sql
+
+```diff
+@@ -1,5 +1,8 @@
+CREATE DATABASE radius;
+USE radius;
+```
+
+## MySQL Setup
+
+```ini
+server = "mysql"
+port = 3306
+login = "radius"
+password = "radpass"
+radius_db = "radius"
+```