7 if ! id freerad >/dev/null 2>&1; then
8 addgroup --system freerad || true
9 groups freerad 2>/dev/null || adduser --system --no-create-home --home /etc/freeradius --ingroup freerad --disabled-password freerad
11 # make sure there is a user and group 'freerad'
12 groups freerad |grep freerad >/dev/null
14 # put user freerad in group shadow, so the daemon can auth locally
15 adduser freerad shadow
18 update-rc.d freeradius defaults 50 >/dev/null
20 if [ ! -d /var/log/freeradius ]; then
21 mkdir -p /var/log/freeradius
24 if [ ! -f /var/log/freeradius/radius.log ]; then
25 touch /var/log/freeradius/radius.log
28 if [ ! -f /var/log/freeradius/radwtmp ]; then
29 touch /var/log/freeradius/radwtmp
32 if [ ! -d /var/run/freeradius ]; then
33 mkdir /var/run/freeradius
36 chown -R freerad:freerad /var/log/freeradius
37 chown -R freerad:freerad /var/run/freeradius
38 chgrp -R freerad /etc/freeradius
40 # Leave the file /etc/freeradius/dictionary with the default
41 # permissions: it should not contain secrets, and this allows
42 # to run radclient with a non-privileged user.
43 find /etc/freeradius -type d -exec chmod 2751 {} \;
44 find /etc/freeradius -type f \! -name dictionary -exec chmod 640 {} \;
52 if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
53 invoke-rc.d freeradius $action || true
55 /etc/init.d/freeradius $action
61 if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
62 invoke-rc.d freeradius start || true
64 /etc/init.d/freeradius start