Inheritance of eap.conf settings

Arran Cudbard-Bell a.cudbardb at
Wed Feb 12 17:51:36 CET 2014

On 12 Feb 2014, at 16:07, Jonathan Gazeley <jonathan.gazeley at> wrote:

> Hi list,
> I'm neatening up my sprawling FreeRADIUS config and I've noticed something strange.
> Nothing uses the default eap.conf (and the default virtual server is disabled) but my understanding is that instantiations of the eap module, called like:
> eap eduroameap {}
> ... should inherit settings from eap.conf. In my eap.conf I've set:

Nope. Not at all.

> dh_file = /etc/raddb/certs/dh
> random_file = /dev/urandom
> And in my numerous EAP modules for various virtual servers, I've removed dh_file and random_file. Nothing complained about random_file being missing but apparently the dh_file being missing is an issue:
> rlm_eap_tls: Unable to open DH file - (null)
> rlm_eap: Failed to initialize type tls
> /etc/raddb/modules/rainboweap[17]: Instantiation failed for module "rainboweap"
> /etc/raddb/sites-enabled/rainbow-inner[17]: Failed to find "rainboweap" in the "modules" section.
> /etc/raddb/sites-enabled/rainbow-inner[13]: Errors parsing authenticate section.

Yes, fixed that already.

> How come random_file was inherited while dh_file wasn't? Or have I misunderstood how this works,

You have.

> inerheritance doesn't exist, and it's just that random_file has a default value if undefined while dh_file doesn't?



Arran Cudbard-Bell <a.cudbardb at>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <>

More information about the Freeradius-Users mailing list