====== Installing FreeRADIUS on Ubuntu 24.04 ======
===== Introduction =====
  * Install FreeRADIUS and MySQL module.
<code bash>
sudo apt-get -y install libdatetime-perl libdbd-mysql-perl libdigest-hmac-perl libdatetime-format-rfc3339-perl eapoltest
sudo apt-get -y install freeradius freeradius-mysql
# Answer yes to the question to install these packages with their dependencies
# Please note that the installation of this package generates some things that can take a lot of time on slower computers.
</code>
  * Activating and starting FreeRADIUS
<code bash>
sudo systemctl enable freeradius
sudo systemctl start freeradius
sudo systemctl status freeradius
</code>
====== Configure FreeRADIUS ======
  * Proceed as follows to configure FreeRADIUS to work with RADIUSdesk
<code bash>
# Stop the service if it is already running
sudo systemctl stop freeradius
# Backup the original FreeRADIUSdirectory
sudo mv /etc/freeradius /etc/freeradius.orig
# Extract the RADIUSdesk modified FreeRADIUS directory
sudo tar xzf /var/www/html/cake4/rd_cake/setup/radius/freeradius-radiusdesk.tar.gz --directory /etc
sudo chown -R freerad. /etc/freeradius/3.0/
sudo  mkdir /var/run/freeradius
sudo chown freerad. /var/run/freeradius
</code>
  * Configure the site-wide shared secret. This is the value used by ALL dynamic clients.
<code bash>
sudo vi /etc/freeradius/3.0/sites-enabled/dynamic-clients
</code>
  * Locate this part of the file and change FreeRADIUS-Client-Secret to the value you want to use.
<code bash>
#  Echo the IP address of the client.
FreeRADIUS-Client-IP-Address = "%{Packet-Src-IP-Address}"
 
# require_message_authenticator
FreeRADIUS-Client-Require-MA = no
 
# secret
FreeRADIUS-Client-Secret = "testing123"
 
# shortname
FreeRADIUS-Client-Shortname = "%{Packet-Src-IP-Address}"
</code>
  * Comment out the following two lines in the systemd unit file
<code bash>
sudo vi /lib/systemd/system/freeradius.service
</code>
  * Take a look at this example to see which two lines you need to comment out. If you do not do this, the system will not work and FreeRADIUS will not start at boot time.
<code bash>
[Unit]
Description=FreeRADIUS multi-protocol policy server
After=syslog.target network.target
Documentation=man:radiusd(8) man:radiusd.conf(5) http://wiki.freeradius.org/ http://networkradius.com/doc/
 
[Service]
Type=forking
PIDFile=/run/freeradius/freeradius.pid
#EnvironmentFile=-/etc/default/freeradius
#ExecStartPre=/usr/sbin/freeradius $FREERADIUS_OPTIONS -Cxm -lstdout
ExecStart=/usr/sbin/freeradius $FREERADIUS_OPTIONS
Restart=on-failure
RestartSec=5
 
[Install]
WantedBy=multi-user.target
</code>
  * After you have executed these commands, you can test whether FreeRADIUS starts without any problems.
<code bash>
sudo systemctl daemon-reload 
sudo systemctl restart freeradius
sudo systemctl status freeradius
</code>

===== Correction of a small error =====

  * There is a small bug that prevents FreeRADIUS from starting after a restart.
  * It was reported here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954911
  * There also seems to be a fix, but it has not yet arrived in the Ubuntu repositories.
  * So here is the solution from the discussion in the link
  * Create a file called **/usr/lib/tmpfiles.d/freeradius.conf**
<code bash>
sudo vi /usr/lib/tmpfiles.d/freeradius.conf
</code>
  * Add the following line
<code bash>
d /run/freeradius 750 freerad freerad -
</code>
  * If you are curious about what we did, you can find a report on **tmpfiles.d** here
     * https://www.commandlinux.com/man-page/man5/tmpfiles.d.5.html

===== Next steps =====
  * You will need to make a few small adjustments to your environment
  * [[install_tweak|Tweak Your Install]]