[Ubuntu] Freeradius: Improve Uptime

As a network admin, you're going to have at least one Freeradius running, mostly for 802.1x authentication. At my place the problem arose that the service was down too often, for different reasons.

1.) Logrotate
If you're using logrotate, you should check out /etc/logrotate.d/freeradius:

/var/log/freeradius/*.log {
    weekly
    rotate 52
    compress
    delaycompress
    notifempty
    missingok
    postrotate
        invoke-rc.d freeradius reload >/dev/null 2>&1 || true
    endscript
}

After it has swapped the logs, logrotate restarts freeradius with reload, which often results in a crash or a race condition: freeradius does not shut down fast enough, the restarting process thinks there is already one running process, and both terminate. To change that, you should stop the process, wait, and start it again.

/var/log/freeradius/*.log {
    weekly
    rotate 52
    compress
    delaycompress
    notifempty
    missingok
    postrotate
        invoke-rc.d freeradius stop >/dev/null 2>&1 || true
        sleep 5
        invoke-rc.d freeradius start >/dev/null 2>&1 || true
    endscript
}
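
The fixed "sleep 5" is a guess at how long the shutdown takes. As an added example (not part of the original post), this helper waits until the old process has really exited before it starts a new one, and refuses to start a second instance otherwise. The script name, the STOP_TIMEOUT variable and reusing the pidfile path from the monit section below are assumptions.

```shell
#!/bin/sh
# Added example: restart helper for the logrotate postrotate step.
# Assumptions: pidfile path as in the monit check on this page; STOP_CMD and
# START_CMD default to the invoke-rc.d calls from the logrotate snippet.
PIDFILE="${PIDFILE:-/var/run/freeradius/freeradius.pid}"
STOP_CMD="${STOP_CMD:-invoke-rc.d freeradius stop}"
START_CMD="${START_CMD:-invoke-rc.d freeradius start}"

# Print the PID stored in pidfile $1; print nothing if missing or malformed.
read_pid() {
    [ -r "$1" ] || return 0
    rp_pid=$(head -n 1 "$1" | tr -d '[:space:]')
    case $rp_pid in ''|*[!0-9]*) return 0 ;; esac
    printf '%s\n' "$rp_pid"
}

# Return 0 once PID $1 no longer exists, 1 if it is still alive after $2 seconds.
wait_pid_gone() {
    [ -n "$1" ] || return 0
    wp_waited=0
    while kill -0 "$1" 2>/dev/null; do
        [ "$wp_waited" -ge "${2:-30}" ] && return 1
        sleep 1
        wp_waited=$((wp_waited + 1))
    done
    return 0
}

# Stop, wait for the old daemon to really exit, then start. The PID is read
# before the stop because the init script may remove the pidfile.
restart_service() {
    rs_old=$(read_pid "$PIDFILE")
    $STOP_CMD >/dev/null 2>&1 || true
    if ! wait_pid_gone "$rs_old" "${STOP_TIMEOUT:-30}"; then
        echo "freeradius pid $rs_old still running; not starting a second instance" >&2
        return 1
    fi
    $START_CMD >/dev/null 2>&1
}

# Run only when called as: freeradius-rotate-restart.sh --run  (hypothetical name)
if [ "${1:-}" = "--run" ]; then
    restart_service
fi
```

In the postrotate block, the stop, sleep and start lines would then be replaced by one call to this script with --run.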

2.) Monit
monit is a monitoring program which checks whether a service is still running.
Install via: sudo apt-get install monit
Configure:

vi /etc/monit/conf.d/freeradius

check process freeradius with pidfile "/var/run/freeradius/freeradius.pid"
    start program "/etc/init.d/freeradius start"
    stop program "/etc/init.d/freeradius stop"
    if failed host 127.0.0.1 port 1812 type udp protocol radius secret RADIUSSECRET then alert
    if failed host 127.0.0.1 port 1813 type udp protocol radius secret RADIUSSECRET then alert
    if 5 restarts within 5 cycles then timeout

sudo service monit restart

You should change RADIUSSECRET to the secret of your freeradius.
