ABillS
Space shortcuts
Child pages
  • Installing ABillS on Ubuntu
Skip to end of metadata
Go to start of metadata 

Instruction was written for Ubuntu 20.04.3 LTS (Focal Fossa) and older
Installation according to this instruction on Ubuntu 20+ you need to install percona mysql 5.7

Install the required software for Percona Mysql 
sudo apt install curl gnupg2 -y
cd /tmp
Then download the file with the repository
wget https://repo.percona.com/apt/percona-release_latest.$(lsb_release -sc)_all.deb
Install sudo dpkg -i percona-release_latest.$(lsb_release -sc)_all.deb sudo apt update
The only options selected during installation are:

  • standart system utilities

  • OpenSSH Server

Work in the console, switch to root:
sudo su
Update the system and packages
Reboot and install packages MySQLapache2 and perl libraries
apt-get install -yq percona-server-server-5.7 percona-server-client-5.7 libmysqlclient-dev apache2 apache2-utils libexpat1 ssl-cert

Download ABillS

At the time of writing, the latest version 0.92.05 (Check)

cd /usr
wget https://sourceforge.net/projects/abills/files/abills/0.92/abills-0.92.05.tgz 
tar zxvf abills-0.92.05.tgz  
cp /usr/abills/libexec/config.pl.default /usr/abills/libexec/config.pl
Change the configuration file /usr/abills/libexec/config.pl

#DB configuration 
$conf{dbhost}='localhost';
$conf{dbname}='abills'; 
$conf{dbuser}='abills';
$conf{dbpasswd}='sqlpassword'; #change to your password
$conf{ADMIN_MAIL}='info@your.domain'; 
$conf{USERS_MAIL_DOMAIN}="your.domain";
# used to encrypt administrator and user passwords.
$conf{secretkey}="test12345678901234567890";

The value of $conf{secretkey} is recommended to be changed from "test12345678901234567890" to a random long string. If you change the value in $conf{secretkey}, change it in the /usr/abills/db/abills.sql file as well

Create missing directories and change permissions:
mkdir /var/log/httpd/
mkdir -p /usr/abills/var/log
touch /usr/abills/var/log/abills.log
chown -Rf www-data:www-data /usr/abills/cgi-bin
chown -Rf www-data:www-data /usr/abills/Abills/templates
chown -Rf www-data:www-data /usr/abills/backup
touch /usr/abills/var/log/sql_errors
chown nobody /usr/abills/var/log/sql_errors
chmod 666 /usr/abills/var/log/sql_errors

Setup Apache

cp /usr/abills/misc/apache/abills_httpd.conf /etc/apache2/sites-enabled/
Create a certificate
/usr/abills/misc/certs_create.sh apache
Run the installed modules for apache:
a2enmod ssl
a2enmod rewrite
a2enmod suexec
a2enmod include
a2enmod cgi
Restart apache:
/etc/init.d/apache2 restart

Setup MySQL

mysql --default-character-set=utf8 -u root -p
Rights to work with the database
GRANT ALL ON abills.* TO `abills`@localhost IDENTIFIED BY "sqlpassword"; -- instead of sqlpassword we substitute our value from $conf{dbpasswd}
CREATE DATABASE abills DEFAULT CHARACTER SET utf8 COLLATE  utf8_general_ci;
quit;


Adding a database to MySQL
mysql --default-character-set=utf8 -u root -p -D abills < /usr/abills/db/abills.sql

Perl modules

Modules are required for the system work.
cd /usr/abills/misc/ && perl perldeps.pl apt-get -batch

For a better life in the future:

apt-get install -yq cpanminus
apt-get install -yq aptitude

If some modules are not installed, you can install them

cpanm <ModuleName>

For example not installed Digest::SHA1, run:

cpanm Digest::SHA1

Install RADIUS

install the necessary libraries to build freeradius
Installing Libraries
aptitude install libmysqlclient-dev libgdbm-dev make gcc libtalloc-dev libperl-dev libhiredis-dev
Checking the Perl Version
find /usr/lib/ | grep libperl.so 
/usr/lib/x86_64-linux-gnu/libperl.so.5.30
/usr/lib/x86_64-linux-gnu/libperl.so.5.30.0


Make a symlink so that the library is loaded at compile time
 ln -s /usr/lib/x86_64-linux-gnu/libperl.so.5.30 /usr/lib/x86_64-linux-gnu/libperl.so


Download, compile and install Freeradius version 3.0.17
cd /tmp
wget ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-3.0.25.tar.gz
tar zxvf freeradius-server-3.0.25.tar.gz
cd freeradius-server-3.0.25
./configure --prefix=/usr/local/freeradius --with-rlm-perl-lib-dir=/usr/lib/x86_64-linux-gnu/ \
 --with-dhcp=yes --with-openssl=no > /dev/null
make && make install

ln -s /usr/local/freeradius/bin/* /usr/bin/
ln -s /usr/local/freeradius/sbin/* /usr/sbin/

mkdir -p /usr/local/freeradius/var/run/radiusd/
chown freerad:freerad /usr/local/freeradius/var/run/radiusd/
In case of build problems, you can use aptitude to resolve all problems

And then choosing n downgrade or fix the package versions !

Working example


sudo aptitude install build-essential
The following NEW packages will be installed:
  build-essential g++{a} g++-9{a} libc-dev-bin{a} libc6-dev{ab} libcrypt-dev{a} libstdc++-9-dev{a} linux-libc-dev{a} 
0 packages upgraded, 8 newly installed, 0 to remove and 0 not upgraded.
Need to get 13,9 MB of archives. After unpacking 73,2 MB will be used.
The following packages have unmet dependencies:
 libc6-dev : Depends: libc6 (= 2.31-0ubuntu9) but 2.31-0ubuntu9.2 is installed
The following actions will resolve these dependencies:

     Keep the following packages at their current version:
1)     build-essential [Not Installed]                    
2)     g++ [Not Installed]                                
3)     g++-9 [Not Installed]                              
4)     libc6-dev [Not Installed]                          
5)     libstdc++-9-dev [Not Installed]                    


Accept this solution? [Y/n/q/?] n
The following actions will resolve these dependencies:

     Downgrade the following packages:                           
1)     libc6 [2.31-0ubuntu9.2 (now) -> 2.31-0ubuntu9 (focal)]    
2)     libc6-dbg [2.31-0ubuntu9.2 (now) -> 2.31-0ubuntu9 (focal)]


Accept this solution? [Y/n/q/?] Y
The following packages will be DOWNGRADED:
  libc6 libc6-dbg 
The following NEW packages will be installed:
  build-essential g++{a} g++-9{a} libc-dev-bin{a} libc6-dev{a} libcrypt-dev{a} libstdc++-9-dev{a} linux-libc-dev{a} 
0 packages upgraded, 8 newly installed, 2 downgraded, 0 to remove and 0 not upgraded.
Need to get 22,3 MB of archives. After unpacking 42,0 MB will be used.
Do you want to continue? [Y/n/?] Y


File for autorun - create and paste the following text into it
nano /etc/init.d/radiusd
autostart file /etc/init.d/radiusd 
#!/bin/sh
#
# radiusd  Start the radius daemon.
#
#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 2 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program; if not, write to the Free Software
#    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
#
#    Copyright (C) 2001-2008 The FreeRADIUS Project http://www.freeradius.org
#   chkconfig: - 58 74
#   description: radiusd is service access provider Daemon.
### BEGIN INIT INFO
# Provides: radiusd
# Required-Start: $remote_fs $network $syslog
# Should-Start: mysql radiusd
# Required-Stop: $remote_fs $syslog
# Should-Stop: radiusd
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start and stop radiusd
# Description: radiusd is access provider service Daemon.
### END INIT INFO

prefix=/usr/local/freeradius
exec_prefix=${prefix}
sbindir=${exec_prefix}/sbin
localstatedir=/var
logdir=${localstatedir}/log/radius
rundir=/usr/local/freeradius/var/run/radiusd/
sysconfdir=${prefix}/etc
#
#  If you have issues with OpenSSL, uncomment these next lines.
#
#  Something similar may work for MySQL, and you may also
#  have to LD_PRELOAD libz.so
#
#LD_LIBRARY_PATH=
#LD_RUN_PATH=:
#LD_PRELOAD=libcrypto.so
export LD_LIBRARY_PATH LD_RUN_PATH LD_PRELOAD

RADIUSD=$sbindir/radiusd
RADDBDIR=${sysconfdir}/raddb
RADIUS_USER='freerad'
DESC="FreeRADIUS"

#
#  See 'man radiusd' for details on command-line options.
#
ARGS=""

test -f $RADIUSD || exit 0
test -f $RADDBDIR/radiusd.conf || exit 0

if [ ! -d $rundir ] ; then
    mkdir $rundir
    chown ${RADIUS_USER}:${RADIUS_USER} $rundir
    chmod 775 $rundir
fi

if [ ! -d $logdir ] ; then
    mkdir $logdir
    chown ${RADIUS_USER}:${RADIUS_USER} $logdir
    chmod 770 $logdir
    chmod g+s $logdir
fi

if [ ! -f $logdir/radius.log ]; then
        touch $logdir/radius.log
fi

chown ${RADIUS_USER}:${RADIUS_USER} $logdir/radius.log
chown -R ${RADIUS_USER}:${RADIUS_USER} /usr/local/freeradius/etc/raddb
chown -R ${RADIUS_USER}:${RADIUS_USER} ${rundir}/..
chmod 660 $logdir/radius.log

case "$1" in
  start)
  echo -n "Starting $DESC:"
  $RADIUSD $ARGS
  echo "radiusd"
  ;;
  stop)
  [ -z "$2" ] && echo -n "Stopping $DESC: "
        [ -f $rundir/radiusd.pid ] && kill -TERM `cat $rundir/radiusd.pid`
  [ -z "$2" ] && echo "radiusd."
  ;;
  reload|force-reload)
  echo "Reloading $DESC configuration files."
  [ -f $rundir/radiusd.pid ] && kill -HUP `cat $rundir/radiusd.pid`
  ;;
  restart)
  sh $0 stop quiet
  sleep 3
  sh $0 start
  ;;
  check)
  $RADIUSD -CX $ARGS
  exit $?
  ;;
  *)
        echo "Usage: /etc/init.d/$RADIUS {start|stop|reload|restart|check}"
        exit 1
        stop
        ;;
  status)
        status \$prog
        ;;
  restart|force-reload)
        stop
        start
        ;;
  try-restart|condrestart)
        if status \$prog > /dev/null; then
            stop
            start
        fi
        ;;
  reload)
        exit 3
        ;;
  *)
        echo \$"Usage: \$0 {start|stop|status|restart|try-restart|force-reload}"
        exit 2
esac


Turn on autoload
chmod +x /etc/init.d/radiusd
update-rc.d radiusd defaults
update-rc.d radiusd enable


Installing ABillS configuration files
rm /usr/local/freeradius/etc/raddb/sites-enabled/*
cp /usr/abills/misc/freeradius/v3/mods-enabled/perl /usr/local/freeradius/etc/raddb/mods-enabled/perl
cp /usr/abills/misc/freeradius/v3/mods-enabled/sql /usr/local/freeradius/etc/raddb/mods-enabled/sql
cp /usr/abills/misc/freeradius/v3/sites-enabled/abills_default /usr/local/freeradius/etc/raddb/sites-enabled/abills_default
cp /usr/abills/misc/freeradius/v3/sites-enabled/control-socket /usr/local/freeradius/etc/raddb/sites-enabled/control-socket
cp /usr/abills/misc/freeradius/v3/users /usr/local/freeradius/etc/raddb/users
Change in radius config
nano /usr/local/freeradius/etc/raddb/radiusd.conf

  prefix = /usr/local/freeradius
  
  user = freerad
  group = freerad
Thanks to the sql module, you can store access servers in the database (you still need to restart the radius after adding/changing servers, but you don't need to edit clients.conf).
We clear the list of access servers from /usr/local/freeradius/etc/raddb/clients.conf (so that there are no duplicates due to entries in the database)
echo '' > /usr/local/freeradius/etc/raddb/clients.conf
cp /usr/abills/misc/freeradius/v3/mods-enabled/sql /usr/local/freeradius/etc/raddb/mods-enabled/

Fill the database connection parameters we need

nano  /usr/local/freeradius/etc/raddb/mods-enabled/sql
sql {
        database = "mysql"
        driver = "rlm_sql_${database}"
        server = "localhost"
        port = 3306
        login = "abills"
        password = "sqlpassword"  #instead of sqlpassword we substitute our value from $conf{dbpasswd}
        radius_db = "abills"    
      
At the end of the file
         '%secretkey%' меняем на ваше значение, которое записано в $conf{secretkey}
Create user and group (if freeradius has not been installed before, it won't start without it)
groupadd freerad
useradd -g freerad -s /bash/bash freerad
chown -R freerad:freerad /usr/local/freeradius/etc/raddb
mkdir /var/run/radiusd/
chown -R freerad:freerad /var/run/radiusd/
start in debug mode
radiusd -X
If it starts without errors, run
service radiusd start

After install Abills

Wite periodic processes
/etc/crontab
*/5  *      *    *     *   root   /usr/abills/libexec/billd -all
1     0     *    *     *   root    /usr/abills/libexec/periodic daily
1     1     *    *     *   root    /usr/abills/libexec/periodic monthly


and give access to SQL error logging
touch /usr/abills/var/log/sql_errors && chmod 666 /usr/abills/var/log/sql_errors
Add links to gzip and mysqldump to create database backups:
ln -s /bin/gzip /usr/bin/gzip
ln -s /usr/bin/mysqldump /usr/local/bin/mysqldump


Web admin interface: (IP address can be found using ip a)

https://your.host:9443/admin/

Default administrator login abills password abills
Web interface for users:

https://your.host:9443/

Check

To check if the service is configured correctly, you need to run the radtest utility by specifying the login and password of an existing user.
apt-get install freeradius-utils 
Login: test Password: 123456
radtest test 123456 127.0.0.1:1812 0 secretpass 0 127.0.0.1
If everything is configured correctly, in the error log Report>Internet>Last connection, the line should appear
2014-12-23 12:55:55 LOG_INFO: AUTH [test] NAS: 1 (xxx.xxx.xxx.xxx) GT: 0.03799
If the error log is empty, then communication with the RADIUS server is not properly configured (go through the FreeRadius section again).
  • No labels