| radiusd.conf(5) | FreeRADIUS configuration file | radiusd.conf(5) |
radiusd.conf - configuration file for the FreeRADIUS server
The radiusd.conf file resides in the radius database directory, by default /etc/freeradius/3.0. It defines the global configuration for the FreeRADIUS RADIUS server.
There are a large number of configuration parameters for the server. Most are documented in the file itself as comments. This page documents only the format of the file. Please read the radiusd.conf file itself for more information.
The configuration file parser is independent of the server configuration. This means that you can put almost anything into the configuration file. So long as it is properly formatted, the server will start.
When the server parses the configuration file, it looks only for those configurations it understands. Extra configuration items are ignored. This "feature" can be (ab)used in certain interesting ways.
The file format is line-based, like many other Unix configuration files. Each entry in the file must be placed on a line by itself, although continuations are supported.
The file consists of configuration items (variable = value pairs), sections, and comments.
name = value
Single and double-quoted strings are permitted:
string1 = "hello world"
string2 = 'hello mom'
section {
...
}
Sections can sometimes have a second name following the first one. The situations where this is legal depend on the context. See the examples and comments in the radiusd.conf file for more information.
section foo {
...
}
# comment
foo = bar # set variable 'foo' to value 'bar'
section { # start of section
...
} # end of section
foo = "blah \
blah \
blah"
will set the value of the variable "foo" to "blah blah blah". Any CR or LF is not turned into a space, but all other whitespace is preserved in the final value.
The value of a variable can reference another variable. These references are evaluated when the configuration file is loaded, which means that there is no run-time cost associated with them. This feature is most useful for turning long, repeated pieces of text into short ones.
Variables are referenced by ${variable_name}, as in the following examples.
foo = bar # set variable 'foo' to value 'bar'
who = ${foo} # sets variable 'who' to value of variable 'foo'
my = "${foo} a" # sets variable 'my' to "bar a"
If the variable exists in a section or subsection, it can be referenced as ${section.subsection.variable}. Forward references are not allowed. Relative references are allowed, by pre-pending the name with one or more period.
blogs = ${.foo}
Will set variable blogs to the value of variable foo, from the current section.
blogs = ${..foo}
Will set variable blogs to the value of variable foo, from the section which contains the current section.
blogs = ${modules.detail.filename}
Will set variable blogs to the value of variable filename, of the detail module, which is in the modules section of the configuration file.
Properties of anonymous parent sections may also be referenced, currently name and instance are supported.
modules {
example foo {
file = ${.:name}
}
}
Will set variable file to the name of the containing section (example).
modules {
example foo {
file = ${.:instance}
}
}
Will set variable file to the instance name of the containing section (foo).
modules {
example foo {
file = ${..:name}
}
}
Will set variable file to the name of the parent of the containing section (modules).
/etc/freeradius/3.0/radiusd.conf
Alan DeKok <aland@freeradius.org>
| 28 Jun 2013 |