FreeRADIUS+EAP in Alpine based docker container
Alan DeKok
aland at deployingradius.com
Sun Sep 20 15:38:27 CEST 2020
On Sep 20, 2020, at 2:01 AM, victorsugo via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>
> I'd like to run FreeRADIUS in a docker container, but I can't start it with the default config.
> (I am not sure if this is the right place for my question or should I go to an alpine forum/list.)
Here is fine.
There are official docker containers here: https://hub.docker.com/r/freeradius/freeradius-server
> What I do:
> $ docker run -it alpine
> # apk add freeradius-eap make openssl
> # cd /etc/raddb/certs
> # ./bootstrap
> # radiusd -X
>
> What I wait: it starts radius server.
> What I get instead of it: an error message.
>
> # Instantiating module "eap" from file /etc/raddb/mods-enabled/eap
> /etc/raddb/mods-enabled/eap[14]: Failed to find 'Auth-Type EAP' section. Cannot authenticate users.
> /etc/raddb/mods-enabled/eap[14]: Instantiation failed for module "eap"
>
> But... If I edit /etc/raddb/sites-enabled/default and change
> authenticate {
> ...
> -eap
> ...
> }
Hmm... someone in Debian edited the default configuration and broke it. We don't recommend doing that.
The "-eap" text isn't in the default configuration. So whoever made that package didn't test it.
> to
>
> authenticate {
> ...
> eap
> ...
> }
>
> then it starts with no error.
That's the correct change.
> I've tried to compare the logs with "diff -y --suppress-common-lines wrong.log good.log" and in the left column I get only that error message.
> Have you got any idea, what happens, what is the problem with the conditional loading of eap module?
The EAP module tries to check for broken configurations, and the "-" in "-eap" confuses it. I'll push a fix.
But in the mean time, just removing the "-" is fine.
Alan DeKok.
More information about the Freeradius-Users
mailing list