User restriction

Frederick William Borges Pohl at
Wed Aug 6 22:54:26 CEST 2008

Thanks again, Alan.

Radius is now running and working fine.

I tested it using radtest 

"radtest fpohl <password> localhost 1812 <password>"

and I got an OK result

"rad_recv: Access-Accept packet from host port 1812, id=162, length=20"

My question is now regarding users.

The user fpohl is a regular Unix user I created with useradd but it does not belong to the same group as radiusd.

It is configured as follow:

radiusd:x:107:109:Radius daemon:/var/lib/radiusd:/bin/false

ns1:~ # id fpohl
uid=1000(fpohl) gid=110 groups=110,16(dialout),33(video)
ns1:~ # id radiusd
uid=107(radiusd) gid=109(radiusd) groups=109(radiusd)

How can I configure freeradius to only accept connections from users that belong to the same groups as radiusd?

What I really need is to not allow all unix users to be a radius client, only the ones that belong to a specific group.

If my questions are too basic and there are documents on the web that can help new users like me, please show me the way.

Frederick Pohl

-----Mensagem original-----
De: at [ at] Em nome de A.L.M.Buxey at
Enviada em: terça-feira, 5 de agosto de 2008 13:48
Para: FreeRadius users mailing list
Assunto: Re: RES: Installation problem


> After running /sbin/ldconfig -v , I was able to execute radiusd.
> The only weird thing is that the daemon is not showing when I type ps aux.
> Even after running /usr/sbin/radiusd, nothing happens.

yep - at this point you run

radiusd -X

to see whats wrong

List info/subscribe/unsubscribe? See

Esta mensagem, incluindo seus anexos, pode conter informações privilegiadas e/ou de caráter confidencial, não podendo ser retransmitida sem autorização do remetente. Se você não é o destinatário ou pessoa autorizada a recebê-la, informamos que o seu uso, divulgação, cópia ou arquivamento são proibidos. Portanto, se você recebeu esta mensagem por engano, por favor, nos informe respondendo imediatamente a este e-mail e em seguida apague-a.

More information about the Freeradius-Users mailing list