radiusd.conf(5) configuration file for the FreeRADIUS server

DESCRIPTION

The radiusd.conf file resides in the radius database directory, by default /etc/raddb. It defines the global configuration for the FreeRADIUS RADIUS server.

CONTENTS

There are a large number of configuration parameters for the server. Most are documented in the file itself as comments. This page documents only the format of the file. Please read the radiusd.conf file itself for more information.

The configuration file parser is independent of the server configuration. This means that you can put almost anything into the configuration file. So long as it is properly formatted, the server will start.

When the server parses the configuration file, it looks only for those configurations it understands. Extra configuration items are ignored. This "feature" can be (ab)used in certain interesting ways.

FILE FORMAT

The file format is line-based, like many other Unix configuration files. Each entry in the file must be placed on a line by itself, although continuations are supported.

The file consists of configuration items (variable = value pairs), sections, and comments.

Variables
Variables can be set via:



name = value

Single and double-quoted strings are permitted:



string1 = "hello world"
string2 = 'hello mom'

Sections
A section begins with a section name, followed on the same line by an open bracket '{'. Section may contain other sections, comments, or variables. Sections may be nested to any depth, limited only by available memory. A section ends with a close bracket '}', on a line by itself.



section {
...
}

Sections can sometimes have a second name following the first one. The situations where this is legal depend on the context. See the examples and comments in the radiusd.conf file for more information.



section foo {
...
}

Comments
Any line beginning with a (#) is deemed to be a comment, and is ignored. Comments can appear after a variable or section definitions.



# comment
foo = bar # set variable 'foo' to value 'bar'
section { # start of section
...
} # end of section

Continuations
Long lines can be broken up via continuations, using '\' as the last character of the line. For example, the following entry:



foo = "blah \
blah \
blah"

will set the value of the variable "foo" to "blah blah blah". Any CR or LF is not turned into a space, but all other whitespace is preserved in the final value.

REFERENCES

The value of a variable can reference another variable. These references are evaluated when the configuration file is loaded, which means that there is no run-time cost associated with them. This feature is most useful for turning long, repeated pieces of text into short ones.

Variables are referenced by ${variable_name}, as in the following examples.


        foo = bar       # set variable 'foo' to value 'bar'

who = ${foo} # sets variable 'who' to value of variable 'foo'
my = "${foo} a" # sets variable 'my' to "bar a"

If the variable exists in a section or subsection, it can be referenced as ${section.subsection.variable}. Forward references are not allowed. Relative references are allowed, by pre-pending the name with one or more period.


blogs = ${.foo}

Will set variable blogs to the value of variable foo, from the current section.


blogs = ${..foo}

Will set variable blogs to the value of variable foo, from the section which contains the current section.


blogs = ${modules.detail.detailfile}

Will set variable blogs to the value of variable detailfile, of the detail module, which is in the modules section of the configuration file.

FILES

/etc/raddb/radiusd.conf

AUTHOR

Alan DeKok <[email protected]>