HP-UX AAA Server A.07.01 Administrator’s Guide: HP-UX 11i v1, HP-UX 11i v2, and HP-UX 11i v3 > Chapter 4 Enabling the HP-UX AAA Server for GUI-based Administration

Starting AAA Servers From the Command Line


The radiusd daemon is a process that services user authentication and accounting requests from RADIUS clients. Authentication and accounting requests come to the radiusd daemon in the form of UDP packets conforming to the RADIUS protocol. You can start the radiusd daemon from the Server Manager GUI, command line, or through an inetd service.

radiusd Syntax

radiusd [-c workdir] [-C] [-d configdir] [-da aatvdir] [-dl logdir]
 [-di ipcdir] [-dr rundir] [-dd datadir] [-dm meritdir]
 [-p authport] [-q acctport] [-f fsm] [-l logformat] [-n] [-pp authproxy]
 [-qq acctproxy] [-g logtype] [-h] [-s] [-t timeout] [-v] [-z]
 [-x] [-x] [-x] [-x]

Table 4-2 describes all the radiusd options.

Table 4-2 radiusd Options

Option Description
-c Working-directory Sets the current working directory. This option can be useful for determining the location of system-generated files, such as core files.
-C tokcachedir Enables token caching.
-d Config-directory Specifies the directory where the configuration files are located. If omitted, the default directory is /etc/opt/aaa.
-da AATV-directory Specifies the directory where the AATV libraries are located. If omitted, the default directory is /opt/aaa/aatv.
-dl Logfile-directory Specifies the directory where the log and debug files are located. If omitted, the default directory is /var/opt/aaa/logs.
-di IPC-directory Specifies the directory where the files generated for shared memory operation are located. If omitted, the default directory is /var/opt/aaa/ipc.
-dr Run-directory Specifies the directory where the server's process id file (radiusd.pid) is located. If omitted, the default directory is /var/opt/aaa/run.
-dd Data-directory Specifies the directory where the active session file (session.las) is located. If omitted, the default directory is /var/opt/aaa/data.
-dm Accounting-directory Specifies the directory where Merit style accounting log files (session logs) are located. If omitted, the default directory is /var/opt/aaa/acct.
-p Authentication-port Specifies the UDP port number on which to listen for authentication requests. If omitted, the local host services will be queried for the RADIUS port (see services(4)). If unable to obtain the port from host services, the RADIUS standard default of 1812 will be used.
-q Accounting-port Specifies the UDP port number on which to listen for accounting requests. If omitted, the local host services will be queried to obtain the radacct port (see services(4)). If unable to obtain the port from host services, the RADIUS standard default of 1813 will be used.
-f FSM Allows the user to specify an alternate Finite State Machine (FSM) table file instead of the default radius.fsm file. The default FSM file (/etc/opt/aaa/radius.fsm) follows Merit style accounting behavior.
-l Log-format strftime(3) format for naming logfiles. The -l option specifies the logfile name format with timestamp precision and determines when a new logfile is started. For example, the following starts a new logfile every hour:

$ ./radiusd -l logfile.%Y%m%d%H

-n Resets the session table. If omitted, the default is to restore the session table from a previous run.
-pp Authentication-proxy Specifies the UDP port number to forward (proxy) authentication requests.
-qq Accounting-proxy Specifies the UDP port number to forward (proxy) accounting requests.
-g Logtype Selects logfile, syslog, or stderr logging.
-h Displays help message.
-s Single process (non-spawning) mode.
-t Timeout Inactivity timeout value (minutes) when the radiusd daemon is started through inetd.
-v Displays AAA server version.
-z Empties the logfile and the debug file if -x option is used.
-x Adds to debug flag value.
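
The -p and -q rows above describe a three-step lookup (option value, then services(4), then the RADIUS default), so the port the daemon listens on can differ from 1812/1813 without any option being set. The following is an added example, not HP's code, that applies that order to a services file so firewall rules and client configuration can be checked against it. The function names are hypothetical, and the service name radius for authentication is an assumption (the page names only radacct).

```shell
#!/bin/sh
# Added example (not HP's code): predict the UDP port radiusd will listen on,
# using the order in the -p/-q rows: option, then services(4), then default.

# lookup_service FILE NAME PROTO
# Print the port of the first entry whose name or alias is NAME and whose
# protocol is PROTO; print nothing when the file has no such entry.
lookup_service() {
    [ -r "$1" ] || return 0
    awk -v name="$2" -v proto="$3" '
        { sub(/#.*/, "") }              # drop comments
        NF < 2 { next }                 # blank or malformed line
        {
            split($2, pp, "/")          # "1812/udp" -> pp[1]=port, pp[2]=proto
            if (pp[2] != proto) next
            for (i = 1; i <= NF; i++) {
                if (i == 2) continue    # field 2 is port/proto, not a name
                if ($i == name) { print pp[1]; exit }
            }
        }' "$1"
}

# effective_port EXPLICIT NAME DEFAULT [FILE]
# EXPLICIT is the value passed to -p or -q, or "" when the option is omitted.
# Prints "<port> <source>", where source is option, services or default.
effective_port() {
    explicit=$1; name=$2; default=$3; file=${4:-/etc/services}
    if [ -n "$explicit" ]; then
        echo "$explicit option"
        return 0
    fi
    port=$(lookup_service "$file" "$name" udp)
    if [ -n "$port" ]; then
        echo "$port services"
    else
        echo "$default default"
    fi
}

# Constructed services file: "radius" is pinned to a non-default port and
# "radacct" has only a tcp entry, so the accounting lookup falls through.
sample=$(mktemp)
printf '%s\n' 'radius 1645/udp radiusd # constructed entry' \
              'radacct 1813/tcp' > "$sample"
echo "auth (-p omitted): $(effective_port '' radius 1812 "$sample")"
echo "acct (-q omitted): $(effective_port '' radacct 1813 "$sample")"
echo "auth (-p 11812):   $(effective_port 11812 radius 1812 "$sample")"
rm -f "$sample"
```

Omit the fourth argument to check the host's own /etc/services.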

 

NOTE: The radiusd daemon determines what action must be taken when receiving requests based upon an FSM that it loads into memory when the server is started. The FSM can be configured, but it is static after server startup. The server uses the algorithm shown in Figure 4-3 to determine which FSM must be loaded into memory:

Figure 4-3 Algorithm for Determining Which FSM to Load

IMPORTANT: When started by the inetd service, radiusd times out if it does not receive a message in 15 minutes. With the -t Timeout option, you can override this value. If the value is set to 0, it waits indefinitely without timing out.

Configuring the HP-UX AAA Server to Start Automatically Upon System Reboot

You can configure the HP-UX AAA Server (radiusd) and RMI objects to start automatically after a system reboot.

  • Set the RADIUSD variable in /etc/rc.config.d/radiusd.conf to 1. The default setting is 0.

    CAUTION: Modifying anything in the /sbin/init.d/radiusd.rc file other than the radiusd options can prevent the system from booting.
    NOTE: You can also start the Server Manager interface after reboot. In the /etc/rc.config.d/hpws_tomcatconf file, set HPWS_TOMCAT_START to 1, and set JAVA_HOME to /opt/java1.4.
© Hewlett-Packard Development Company, L.P.