GUIDE FOR INSTALLATION OF FREERADIUS 2.2 WITH ORACLE 10g ON x86_64 SYSTEMS
--------------------------------------------------------------------------------------------------------------------------
Dependencies
-EAP/TLS
For EAP/TLS installation of Radius it is necessary that the system has openssl with libraries installed.
Run the following command on CentOS to get OpenSSL along with libraries
yum install openssl-devel
yum install openssl098e
or you can install everything by using the following command
yum install openssl*
-C Compiler and Libraries
C compiler and libraries are required for the source installation of freeRadius. If you are not using source installation then there is no need for these.
yum install binutils compat-libstdc++-33 elfutils-libelf elfutils-libelf-devel glibc glibc-common glibc-devel gcc gcc-c++ libaio libaio-devel libgcc libstdc++
yum install libstdc++-devel make sysstat unixODBC unixODBC-devel
-X Winodow System / xclock
Required to run the oracle installation. without this the installation of oracle will quit with error. xclock is used to test if X Window system is installed successfully.
yum groupinstall "X Window System"
yum install libxcp ?? libxp?? libXtst.x86_64 libXtst-devel.x86_64 libXtst-devel.x86_64 libXtst.x86_64 libXtst.i386
yum install libXp compat-db.x86_64 compat-glibc.x86_64 sysstat.x86_64 libXt
yum install xorg-x11-server* xorg-x11-utils xauth
yum install xclock
-Oracle
FreeRadius supports many kinds of databases. Oracle is also supported. freeradius can be compliled on CentOS to support oracle but it requires certain libraries and include directories for compilation. To compile freeradius successfully, you will need to install an Oracle client OR server that contains the following files/directories
[ORACLE INSTALL DIR]/rdbms/public/
this directory contains the oci.h library. The Oracle Call Interfaces (OCI) is a set of low-level APIs (Application Programming Interface Calls) used to interact with the Oracle Database. It allows one to use operations like logon, execute, parse, fetch, etc. OCI programs are normally written in C or C++, although they can be written in almost any programming language. This include file is necessary for an oracle enabled freeradius installation.
[ORACLE INSTALL DIR]/lib/
this directory should contain among others, libclntsh.so and libocci.so libraries . These are also necessary for an oracle enabled freeradius compilation.
Installing Oracle
----------------------------------------
– Create groups/users
These Groups and Users are essential for oracle installation
/usr/sbin/groupadd oinstall
/usr/sbin/groupadd dba
/usr/sbin/useradd -g oinstall -G dba oracle
cp /etc/redhat-release /etc/redhat-release.original
echo "redhat-4" > /etc/redhat-release
Configure oracle client
-Add following lines in /etc/sysctl.conf
###################################################################
#####For Oracle########################################
##
kernel.shmmni = 4096
kernel.sem = 250 32000 100 128
fs.file-max = 65536
net.ipv4.ip_local_port_range = 1024 65000
#net.core.rmem_default = 4194304
#net.core.rmem_max = 4194304
#net.core.wmem_default = 262144
#net.core.wmem_max = 262144
####For Testing#################
# increase TCP max buffer size settable using setsockopt()
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
# increase Linux autotuning TCP buffer limit
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
Run the following to see the modified system values
/sbin/sysctl -p
-Add the following lines in /etc/security/limits.conf file:
#############################################
#### For Oracle##############################
#@student - maxlogins 4
#####
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536
# End of file
-Add the following lines in . Bash_profile for Oracle User
(/home/oracle/.bash_profile):
###########oracle#################3
export PATH
###
ulimit -u 16384 -n 65536
umask 022
export ORACLE_BASE=/opt/oracle
export ORACLE_HOME=/opt/oracle/product/10.2.1
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/network/lib:/lib
export PATH=$ORACLE_HOME/bin:$PATH
Add the following lines in . Bash_profile for Root User
(/root/.bash_profile):
####For Oracle################
export PATH
unset USERNAME
#####
ulimit -u 16384 -n 65536
umask 022
export ORACLE_BASE=/opt/oracle
export ORACLE_HOME=/opt/oracle/product/10.2.1
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/network/lib:/lib
export PATH=$ORACLE_HOME/bin:$PATH
------------------------------------------------------------------------
Extract the following file in a directory preferably the home folder of oracle
cpio -idmv < 10201_client_linux_x86_64.cpio
its good practice if the extracted files are owned by oracle:oinstall
the files will be extracted to a clients folder.
Login as oracle user
the oracle installer requries X11 forwarding enabled. so you can either use Xming along with putty[x11 forwarding enabled]. Second way is to use linux operating system. I used a virtualised CentOS to access the server.
ssh -p 2XXX -X oracle@X.X.X.X]
the -X signifies that the ssh session will havae x windows systems enabled in it.
after logging in run xclock to see if xwindows is working.
if you followed the above instructions xclock will work fine. after successfully running xclock run the following from the directory in which you extracted the 10201_client_linux .
cd /home/oracle/client
./runInstaller
if you get the following error
/lib/ld-linux.so.2: bad ELF interpreter: No such file or directory
most probably you dont have the ld-linux.so.2 file in your lib directory. this will happen on x64 systems as glibc packages installed will also be for 64 bit systems.
to resolve install the following 32 bit libraries.
yum install glibc.i686 libXp.i686 libXt.i686 libXtst.i686 libXtst-devel.i686 libXtst-devel.i686
Run the installation again.
we used the following directories
Oracle Home: /opt/oracle/product/10.2.1
sometimes you may get an error saying that the directory doesnot exist.
create the following directory
mkdir /opt/oracle
chown oracle:oinstall /opt/oracle
After installation of oracle the setup will ask you to run some scripts as roor user.
Run these scripts
Run the following command to make sure that the installtion was successful
updatedb && locate oci.h
if oci.h is located then the installation was successful.
-------------------
now extract the freeradius package.
Run the following. you may add or remove the options as per requriement.
./configure --prefix=/usr/local/radius --with-raddbdir=/etc/raddb --localstatedir=/var/log/radius --with-rlm_sql_oracle=yes --with-oracle-home-dir=/opt/oracle/product/10.2.1 --with-oracle-lib-dir=/opt/oracle/product/10.2.1/lib --with-oracle-include-dir=/opt/oracle/product/10.2.1/rdbms/public/ --without-rlm_sqlippool --with-snmp --with-openssl-includes=/usr/include/openssl/ --with-openssl-libraries=/usr/lib/openssl/
make
make install
-----------------------------------------------
--prefix
By default, `make install' will install all the files in
`/usr/local/bin', `/usr/local/lib' etc. You can specify
an installation prefix other than `/usr/local' using `--prefix',
for instance `--prefix=/usr/local/radius
--with-raddbdir=/etc/raddb
Define the installation directory for radius
--localstatedir=/var/log/radius
this directory will contain all the log files for radius
--with-rlm_sql_oracle=yes
Required when you want to compile freeradius with oracle support.
--with-oracle-home-dir
define oracle home directory [same as defined in path variables of root and oracle]
--with-oracle-lib-dir
define oracle lib directory [same as defined in path variables of root and oracle]
--with-oracle-include-dir
define oracle include directory [same as defined in path variables of root and oracle]
-with-openssl-includes
This is required when you want to compile freeradius with EAP/TLS support. Define the path for openssl include files
GUIDE FOR INSTALLATION OF FREERADIUS 2.2 WITH ORACLE 10g
ON x86_64 SYSTEMS
--------------------------------------------------------------------------------------------------------------------------Dependencies
-EAP/TLS
For EAP/TLS installation of Radius it is necessary that the system has openssl with libraries installed.
Run the following command on CentOS to get OpenSSL along with libraries
yum install openssl-devel
yum install openssl098e
or you can install everything by using the following command
yum install openssl*
-C Compiler and Libraries
C compiler and libraries are required for the source installation of freeRadius. If you are not using source installation then there is no need for these.
yum install binutils compat-libstdc++-33 elfutils-libelf elfutils-libelf-devel glibc glibc-common glibc-devel gcc gcc-c++ libaio libaio-devel libgcc libstdc++
yum install libstdc++-devel make sysstat unixODBC unixODBC-devel
-X Winodow System / xclock
Required to run the oracle installation. without this the installation of oracle will quit with error. xclock is used to test if X Window system is installed successfully.
yum groupinstall "X Window System"
yum install libxcp ?? libxp?? libXtst.x86_64 libXtst-devel.x86_64 libXtst-devel.x86_64 libXtst.x86_64 libXtst.i386
yum install libXp compat-db.x86_64 compat-glibc.x86_64 sysstat.x86_64 libXt
yum install xorg-x11-server* xorg-x11-utils xauth
yum install xclock
-Oracle
FreeRadius supports many kinds of databases. Oracle is also supported. freeradius can be compliled on CentOS to support oracle but it requires certain libraries and include directories for compilation. To compile freeradius successfully, you will need to install an Oracle client OR server that contains the following files/directories
[ORACLE INSTALL DIR]/rdbms/public/
this directory contains the oci.h library. The Oracle Call Interfaces (OCI) is a set of low-level APIs (Application Programming Interface Calls) used to interact with the Oracle Database. It allows one to use operations like logon, execute, parse, fetch, etc. OCI programs are normally written in C or C++, although they can be written in almost any programming language. This include file is necessary for an oracle enabled freeradius installation.
[ORACLE INSTALL DIR]/lib/
this directory should contain among others, libclntsh.so and libocci.so libraries . These are also necessary for an oracle enabled freeradius compilation.
Installing Oracle
----------------------------------------
ORACLE PREREQUISITES
----------------------------------------– Create groups/users
These Groups and Users are essential for oracle installation
/usr/sbin/groupadd oinstall
/usr/sbin/groupadd dba
/usr/sbin/useradd -g oinstall -G dba oracle
cp /etc/redhat-release /etc/redhat-release.original
echo "redhat-4" > /etc/redhat-release
Configure oracle client
-Add following lines in /etc/sysctl.conf
###################################################################
#####For Oracle########################################
##
kernel.shmmni = 4096
kernel.sem = 250 32000 100 128
fs.file-max = 65536
net.ipv4.ip_local_port_range = 1024 65000
#net.core.rmem_default = 4194304
#net.core.rmem_max = 4194304
#net.core.wmem_default = 262144
#net.core.wmem_max = 262144
####For Testing#################
# increase TCP max buffer size settable using setsockopt()
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
# increase Linux autotuning TCP buffer limit
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
Run the following to see the modified system values
/sbin/sysctl -p
-Add the following lines in /etc/security/limits.conf file:
#############################################
#### For Oracle##############################
#@student - maxlogins 4
#####
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536
# End of file
-Add the following lines in . Bash_profile for Oracle User
(/home/oracle/.bash_profile):
###########oracle#################3
export PATH
###
ulimit -u 16384 -n 65536
umask 022
export ORACLE_BASE=/opt/oracle
export ORACLE_HOME=/opt/oracle/product/10.2.1
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/network/lib:/lib
export PATH=$ORACLE_HOME/bin:$PATH
Add the following lines in . Bash_profile for Root User
(/root/.bash_profile):
####For Oracle################
export PATH
unset USERNAME
#####
ulimit -u 16384 -n 65536
umask 022
export ORACLE_BASE=/opt/oracle
export ORACLE_HOME=/opt/oracle/product/10.2.1
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/network/lib:/lib
export PATH=$ORACLE_HOME/bin:$PATH
------------------------------------------------------------------------
ORACLE INSTALLATION
------------------------------------------------------------------------Extract the following file in a directory preferably the home folder of oracle
cpio -idmv < 10201_client_linux_x86_64.cpio
its good practice if the extracted files are owned by oracle:oinstall
the files will be extracted to a clients folder.
Login as oracle user
the oracle installer requries X11 forwarding enabled. so you can either use Xming along with putty[x11 forwarding enabled]. Second way is to use linux operating system. I used a virtualised CentOS to access the server.
ssh -p 2XXX -X oracle@X.X.X.X]
the -X signifies that the ssh session will havae x windows systems enabled in it.
after logging in run xclock to see if xwindows is working.
if you followed the above instructions xclock will work fine. after successfully running xclock run the following from the directory in which you extracted the 10201_client_linux .
cd /home/oracle/client
./runInstaller
if you get the following error
/lib/ld-linux.so.2: bad ELF interpreter: No such file or directory
most probably you dont have the ld-linux.so.2 file in your lib directory. this will happen on x64 systems as glibc packages installed will also be for 64 bit systems.
to resolve install the following 32 bit libraries.
yum install glibc.i686 libXp.i686 libXt.i686 libXtst.i686 libXtst-devel.i686 libXtst-devel.i686
Run the installation again.
we used the following directories
Oracle Home: /opt/oracle/product/10.2.1
sometimes you may get an error saying that the directory doesnot exist.
create the following directory
mkdir /opt/oracle
chown oracle:oinstall /opt/oracle
After installation of oracle the setup will ask you to run some scripts as roor user.
Run these scripts
Run the following command to make sure that the installtion was successful
updatedb && locate oci.h
if oci.h is located then the installation was successful.
-------------------
FreeRadius
-------------------now extract the freeradius package.
tar -xvf freeradius-server-2.2.0.tar.gz
cd freeradius-server-2.2.0
Run the following. you may add or remove the options as per requriement.
./configure --prefix=/usr/local/radius --with-raddbdir=/etc/raddb --localstatedir=/var/log/radius --with-rlm_sql_oracle=yes --with-oracle-home-dir=/opt/oracle/product/10.2.1 --with-oracle-lib-dir=/opt/oracle/product/10.2.1/lib --with-oracle-include-dir=/opt/oracle/product/10.2.1/rdbms/public/ --without-rlm_sqlippool --with-snmp --with-openssl-includes=/usr/include/openssl/ --with-openssl-libraries=/usr/lib/openssl/
make
make install
-----------------------------------------------
Radius Installation Options
-------------------------------------------------prefix
By default, `make install' will install all the files in
`/usr/local/bin', `/usr/local/lib' etc. You can specify
an installation prefix other than `/usr/local' using `--prefix',
for instance `--prefix=/usr/local/radius
--with-raddbdir=/etc/raddb
Define the installation directory for radius
--localstatedir=/var/log/radius
this directory will contain all the log files for radius
--with-rlm_sql_oracle=yes
Required when you want to compile freeradius with oracle support.
--with-oracle-home-dir
define oracle home directory [same as defined in path variables of root and oracle]
--with-oracle-lib-dir
define oracle lib directory [same as defined in path variables of root and oracle]
--with-oracle-include-dir
define oracle include directory [same as defined in path variables of root and oracle]
-with-openssl-includes
This is required when you want to compile freeradius with EAP/TLS support. Define the path for openssl include files
Comments
Post a Comment