Install FreeRADIUS and daloRADIUS on AlmaLinux 8

This guide intends to teach you to Install and Configure Radius Server (FreeRADIUS and daloRADIUS) on AlmaLinux 8.

RADIUS (Remote Authentication Dial-In User Service) is a client-server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service.

FreeRADIUS is the most popular and most widely deployed RADIUS server in the world. It serves as the basis for multiple commercial offerings, and it supplies the authentication, authorization, and accounting (AAA) needs of many Fortune 500 companies and Tier 1 ISPs.

DaloRADIUS is an advanced RADIUS web management application aimed at managing hotspots and general-purpose ISP deployments.

Steps To Install FreeRADIUS and Daloradius on AlmaLinux 8

To complete this guide, you must log in to your server as a non-root user with sudo privileges and set up a basic firewall. To do this, you can follow our guide on Initial Server Setup with AlmaLinux 8.

Also, you need to have LAMP Stack installed on your server. To do this, you can follow our guide on Installing LAMP Stack on AlmaLinux 8.

Install PHP Extensions on AlmaLinux 8

At this point, you need to install some PHP extensions on your server by using the command below:

sudo dnf -y install php-{cli,curl,mysqlnd,devel,gd,pear,mbstring,xml,pear}

Also, you need to use the following commands to install other required packages:

# sudo pear install DB 
# sudo pear install MDB2

PEAR DB is an advanced, object-oriented database library that provides full database abstraction – that is, you use the same code in all your databases.

PEAR MDB2 is a merge of the PEAR DB and Metabase php database abstraction layers. It provides a common API for all supported RDBMS.

If you don’t start your Apache and PHP-FPM services, use the command below to start and enable them:

sudo systemctl enable --now httpd php-fpm

Also, you must allow HTTP and HTTPS ports through the firewall:

# sudo firewall-cmd --add-service={http,https} --permanent 
# sudo firewall-cmd --reload

Create Radius Database and User on AlmaLinux 8

At this point, you need to log in to your MariaDB shell by using the command below:

sudo mysql -u root -p

From your MariaDB shell, run the command below to create the database, here we named it radiusdb:

MariaDB [(none)]> CREATE DATABASE radiusdb;

Then, use the command below to create a user with a strong password and grant all the privileges to it:

MariaDB [(none)]> GRANT ALL ON radiusdb.* TO radiususer@localhost IDENTIFIED BY "StrongPass";

Next, flush the privileges and exit from your MariaDB shell:

MariaDB [(none)]> FLUSH PRIVILEGES; 
MariaDB [(none)]> \q

Install FreeRADIUS on AlmaLinux 8

At this point, you can easily install FreeRADIUS. The packages are available in the default AlmaLinux repository. To check it, run the command below:

sudo dnf module list freeradius
Name       Stream  Profiles Summary
freeradius 3.0 [d] server [ High-performance and highly configurable free RADIUS
                   d]        server

Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled

Now use the command below to install FreeRADIUS:

sudo dnf install -y @freeradius freeradius-utils freeradius-mysql

Start and Enable FreeRADIUS Service

When your installation is completed, start and enable your service by using the following command:

sudo systemctl enable --now radiusd.service

Verify your FreeRadius service is active and running on your AlmaLinux 8:

sudo systemctl status radiusd.service
● radiusd.service - FreeRADIUS high performance RADIUS server.
   Loaded: loaded (/usr/lib/systemd/system/radiusd.service; enabled; vendor pre>
   Active: active (running) since Tue 2023-01-17 02:41:42 EST; 33s ago
  Process: 60308 ExecStart=/usr/sbin/radiusd -d /etc/raddb (code=exited, status>
  Process: 60305 ExecStartPre=/usr/sbin/radiusd -C (code=exited, status=0/SUCCE>
  Process: 60267 ExecStartPre=/bin/sh /etc/raddb/certs/bootstrap (code=exited, >
  Process: 60265 ExecStartPre=/bin/chown -R radiusd.radiusd /var/run/radiusd (c>
 Main PID: 60311 (radiusd)
    Tasks: 6 (limit: 23668)
   Memory: 77.0M
   CGroup: /system.slice/radiusd.service
           └─60311 /usr/sbin/radiusd -d /etc/raddb

Configure Firewall for FreeRadius Service

At this point, you need to allow FreeRadius port through the AlmaLinux firewall:

sudo firewall-cmd --add-service=radius --permanent

Reload the firewall to apply the new rules:

sudo firewall-cmd --reload

Configure FreeRADIUS on AlmaLinux 8

At this step, you need to configure FreeRADIUS to use MariaDB. To do this, follow the steps below.

First, you need to import the Radius database scheme to populate the radius database. To do this, use the following commands:

# sudo su - 
# mysql -u root -p radiusdb < /etc/raddb/mods-config/sql/main/mysql/schema.sql

Then, you need to create a soft link for SQL under /etc/raddb/mods-enabled. To do this, run the command below:

sudo ln -s /etc/raddb/mods-available/sql /etc/raddb/mods-enabled/

Next, you need to configure SQL module /raddb/mods-available/sql and change the database connection parameters to suit your environment. To do this, open the file with your favorite text editor, here we use vi editor:

sudo vi /etc/raddb/mods-available/sql

Edit the file as shown below:

sql {
        #  Allowed dialects are:
        #       mssql
        #       mysql
        #       oracle
        #       postgresql
        #       sqlite
        #       mongo
dialect = "mysql"

        #  The driver module used to execute the queries.  Since we
driver = "rlm_sql_mysql"
##Comment out the TLS part##
        mysql {
                # If any of the files below are set, TLS encryption is enabled
#               tls {
#                       ca_file = "/etc/ssl/certs/my_ca.crt"
#                       ca_path = "/etc/ssl/certs/"
#                       certificate_file = "/etc/ssl/certs/private/client.crt"
#                       private_key_file = "/etc/ssl/certs/private/client.key"
#                       cipher = "DHE-RSA-AES256-SHA:AES128-SHA"

#                       tls_required = yes
#                       tls_check_cert = no
#                       tls_check_cert_cn = no
#               }

                # If yes, (or auto and libmysqlclient reports warnings are
                # available), will retrieve and log additional warnings from
                # the server if an error has occured. Defaults to 'auto'
                warnings = auto

# Connection info:

server = "localhost"
port = 3306
login = "radiususer"
password = "your-password"

# Database table configuration for everything except Oracle

radius_db = "radiusdb"

# Set to ‘yes’ to read radius clients from the database (‘nas’ table)
# Clients will ONLY be read on server startup.
read_clients = yes

# Table to keep radius client info
client_table = "nas"

When you are done, save and close the file.

Then, change group right of /etc/raddb/mods-enabled/sql to radiusd by using the command below:

sudo chgrp -h radiusd /etc/raddb/mods-enabled/sql

Restart your Radius service to apply the changes:

sudo systemctl restart radiusd

Install Daloradius on AlmaLinux 8

If you want to manage a radius server from a web interface, you can use DaloRADIUS. To do this, follow the steps below.

First, download the DaloRADIUS release archive from GitHub:

# sudo dnf -y install wget unzip
# sudo wget

Then, extract your downloaded file:

sudo unzip

Move the file to the new directory:

sudo mv daloradius-master/ daloradius

Switch to your DaloRADIUS directory:

cd daloradius

Import Daloradius mysql tables with the command below:

# mysql -u root -p radiusdb < contrib/db/fr2-mysql-daloradius-and-freeradius.sql 
# mysql -u root -p radiusdb < contrib/db/mysql-daloradius.sql

Move the Daloradius folder to the path in /var/www/html:

# cd ..
# sudo mv daloradius /var/www/html/

Then change permissions for the http folder and set the right permissions for the Daloradius configuration file:

# sudo mv /var/www/html/daloradius/library/daloradius.conf.php.sample /var/www/html/daloradius/library/daloradius.conf.php
# sudo chown -R apache:apache /var/www/html/daloradius/
# sudo chmod 664 /var/www/html/daloradius/library/daloradius.conf.php

At this point, you need to modify the daloradius.conf.php file to adjust the MySQL database information. To do this, open the file with your favorite text editor:

sudo vi /var/www/html/daloradius/library/daloradius.conf.php

Set database name, user, and password for the connection:

$configValues['CONFIG_DB_HOST'] = 'localhost';
$configValues['CONFIG_DB_PORT'] = '3306';
$configValues['CONFIG_DB_USER'] = 'radiususer';
$configValues['CONFIG_DB_PASS'] = 'your-password';
$configValues['CONFIG_DB_NAME'] = 'radiusdb';

When you are done, save and close the file.

To be sure everything works, restart radiusd and httpd services:

sudo systemctl restart radiusd.service httpd

Configure SELinux

At this point, you need to configure SELinux Relabel directories to allow apache user access. To do this, run the following commands:

# sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/daloradius(/.*)?" 
# sudo restorecon -Rv /var/www/html/daloradius

Note: If you don’t have the semanage command on your server, run the command below to install it:

sudo dnf install policycoreutils-python-utils

Access DaloRADIUS Web Interface

At this point, you can access your DaloRADIUS management web interface on AlmaLinux 8 by typing your server’s IP address in your web browser followed by /daloradius/login.php:


You will see the Login screen. The default login details are:

Username: administrator 
Password: radius
daloradius login page
DaloRadius Login

Here you should see your daloRADIUS dashboard on AlmaLinux 8.

daloradius dashboard AlmaLinux 8
daloRADIUS dashboard

Change daloRADIUS Administrator Password

At this point, you can change your daloRADIUS password on AlmaLinux 8 by logging into daloRADIUS > Config (In the top menu) > Operators (In the submenu) > List Operators (In the gray sidebar) > Click on the administrator.

daloradius admin password
daloRADIUS Operators

 And in the next screen change the password and click Apply.

Change daloRADIUS Administrator Password
Change daloRADIUS Password


At this point, you have learned to Install and Configure Radius Server (FreeRADIUS and daloRADIUS) on AlmaLinux 8.

Hope you enjoy it. You may be like these articles on the Orcacore website:

Install Symfony PHP Framework on AlmaLinux 8

Install Python 3.11 on AlmaLinux 8

How To Install Postman on AlmaLinux 8

Newsletter Updates

Enter your email address below and subscribe to our newsletter

Stay informed and not overwhelmed, subscribe now!