1 Summary: High-performance and highly configurable free RADIUS server
5 License: GPLv2+ and LGPLv2+
6 Group: System Environment/Daemons
7 URL: http://www.freeradius.org/
9 Source0: ftp://ftp.freeradius.org/pub/radius/freeradius-server-%{version}.tar.bz2
10 Source100: freeradius-radiusd-init
11 Source102: freeradius-logrotate
12 Source103: freeradius-pam-conf
14 Patch1: freeradius-cert-config.patch
16 Obsoletes: freeradius-devel
17 Obsoletes: freeradius-libs
19 %define docdir %{_docdir}/freeradius-%{version}
20 %define initddir %{?_initddir:%{_initddir}}%{!?_initddir:%{_initrddir}}
22 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
24 BuildRequires: autoconf
25 BuildRequires: gdbm-devel
26 BuildRequires: libtool
27 BuildRequires: libtool-ltdl-devel
29 BuildRequires: openssl-devel
30 BuildRequires: pam-devel
31 BuildRequires: zlib-devel
32 BuildRequires: net-snmp-devel
33 BuildRequires: net-snmp-utils
34 BuildRequires: readline-devel
35 BuildRequires: libpcap-devel
37 Requires(pre): shadow-utils glibc-common
38 Requires(post): /sbin/chkconfig
39 Requires(preun): /sbin/chkconfig
42 The FreeRADIUS Server Project is a high performance and highly configurable
43 GPL'd free RADIUS server. The server is similar in some respects to
44 Livingston's 2.0 server. While FreeRADIUS started as a variant of the
45 Cistron RADIUS server, they don't share a lot in common any more. It now has
46 many more features than Cistron or Livingston, and is much more configurable.
48 FreeRADIUS is an Internet authentication daemon, which implements the RADIUS
49 protocol, as defined in RFC 2865 (and others). It allows Network Access
50 Servers (NAS boxes) to perform authentication for dial-up users. There are
51 also RADIUS clients available for Web servers, firewalls, Unix logins, and
52 more. Using RADIUS allows authentication and authorization for a network to
53 be centralized, and minimizes the amount of re-configuration which has to be
54 done when adding or deleting new users.
57 Group: System Environment/Daemons
58 Summary: FreeRADIUS utilities
59 Requires: %{name} = %{version}-%{release}
60 Requires: libpcap >= 0.9.4
63 The FreeRADIUS server has a number of features found in other servers,
64 and additional features not found in any other server. Rather than
65 doing a feature by feature comparison, we will simply list the features
66 of the server, and let you decide if they satisfy your needs.
68 Support for RFC and VSA Attributes Additional server configuration
69 attributes Selecting a particular configuration Authentication methods
72 Summary: LDAP support for freeradius
73 Group: System Environment/Daemons
74 Requires: %{name} = %{version}-%{release}
75 BuildRequires: openldap-devel
78 This plugin provides the LDAP support for the FreeRADIUS server project.
81 Summary: Kerberos 5 support for freeradius
82 Group: System Environment/Daemons
83 Requires: %{name} = %{version}-%{release}
84 BuildRequires: krb5-devel
87 This plugin provides the Kerberos 5 support for the FreeRADIUS server project.
90 Summary: Perl support for freeradius
91 Group: System Environment/Daemons
92 Requires: %{name} = %{version}-%{release}
93 Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
94 %{?fedora:BuildRequires: perl-devel}
99 BuildRequires: perl-devel
101 BuildRequires: perl(ExtUtils::Embed)
104 This plugin provides the Perl support for the FreeRADIUS server project.
107 Summary: Python support for freeradius
108 Group: System Environment/Daemons
109 Requires: %{name} = %{version}-%{release}
110 BuildRequires: python-devel
113 This plugin provides the Python support for the FreeRADIUS server project.
116 Summary: MySQL support for freeradius
117 Group: System Environment/Daemons
118 Requires: %{name} = %{version}-%{release}
119 BuildRequires: mysql-devel
122 This plugin provides the MySQL support for the FreeRADIUS server project.
125 Summary: Postgresql support for freeradius
126 Group: System Environment/Daemons
127 Requires: %{name} = %{version}-%{release}
128 BuildRequires: postgresql-devel
130 %description postgresql
131 This plugin provides the postgresql support for the FreeRADIUS server project.
134 Summary: Unix ODBC support for freeradius
135 Group: System Environment/Daemons
136 Requires: %{name} = %{version}-%{release}
137 BuildRequires: unixODBC-devel
139 %description unixODBC
140 This plugin provides the unixODBC support for the FreeRADIUS server project.
144 %setup -q -n freeradius-server-%{version}
145 %patch1 -p1 -b .cert-config
147 # Some source files mistakenly have execute permissions set
148 find $RPM_BUILD_DIR/freeradius-server-%{version} \( -name '*.c' -o -name '*.h' \) -a -perm /0111 -exec chmod a-x {} +
152 export CFLAGS="$RPM_OPT_FLAGS -fPIC"
154 export CFLAGS="$RPM_OPT_FLAGS -fpic"
158 --libdir=%{_libdir}/freeradius \
159 --with-system-libtool \
160 --with-system-libltdl \
161 --disable-ltdl-install \
166 --with-docdir=%{docdir} \
167 --with-rlm-sql_postgresql-include-dir=/usr/include/pgsql \
168 --with-rlm-sql-postgresql-lib-dir=%{_libdir} \
169 --with-rlm-sql_mysql-include-dir=/usr/include/mysql \
170 --with-mysql-lib-dir=%{_libdir}/mysql \
171 --with-unixodbc-lib-dir=%{_libdir} \
172 --with-rlm-dbm-lib-dir=%{_libdir} \
173 --with-rlm-krb5-include-dir=/usr/kerberos/include \
174 --with-modules="rlm_wimax" \
175 --without-rlm_eap_ikev2 \
176 --without-rlm_sql_iodbc \
177 --without-rlm_sql_firebird \
178 --without-rlm_sql_db2 \
179 --without-rlm_sql_oracle
181 %if "%{_lib}" == "lib64"
182 perl -pi -e 's:sys_lib_search_path_spec=.*:sys_lib_search_path_spec="/lib64 /usr/lib64 /usr/local/lib64":' libtool
188 mkdir -p $RPM_BUILD_ROOT/%{_localstatedir}/lib/radiusd
189 # fix for bad libtool bug - can not rebuild dependent libs and bins
190 #FIXME export LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_libdir}
191 make install R=$RPM_BUILD_ROOT
192 # modify default configuration
193 RADDB=$RPM_BUILD_ROOT%{_sysconfdir}/raddb
194 perl -i -pe 's/^#user =.*$/user = radiusd/' $RADDB/radiusd.conf
195 perl -i -pe 's/^#group =.*$/group = radiusd/' $RADDB/radiusd.conf
197 mkdir -p $RPM_BUILD_ROOT/var/log/radius/radacct
198 touch $RPM_BUILD_ROOT/var/log/radius/{radutmp,radius.log}
200 install -D -m 755 %{SOURCE100} $RPM_BUILD_ROOT/%{initddir}/radiusd
201 install -D -m 644 %{SOURCE102} $RPM_BUILD_ROOT/%{_sysconfdir}/logrotate.d/radiusd
202 install -D -m 644 %{SOURCE103} $RPM_BUILD_ROOT/%{_sysconfdir}/pam.d/radiusd
204 mkdir -p %{buildroot}%{_localstatedir}/run/
205 install -d -m 0710 %{buildroot}%{_localstatedir}/run/radiusd/
207 # remove unneeded stuff
209 rm -f $RPM_BUILD_ROOT/usr/sbin/rc.radiusd
210 rm -rf $RPM_BUILD_ROOT/%{_libdir}/freeradius/*.a
211 rm -rf $RPM_BUILD_ROOT/%{_libdir}/freeradius/*.la
212 rm -rf $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/sql/mssql
213 rm -rf $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/sql/oracle
214 rm -rf $RPM_BUILD_ROOT/%{_datadir}/dialup_admin/sql/oracle
215 rm -rf $RPM_BUILD_ROOT/%{_datadir}/dialup_admin/lib/sql/oracle
216 rm -rf $RPM_BUILD_ROOT/%{_datadir}/dialup_admin/lib/sql/drivers/oracle
218 # remove header files, we don't ship a devel package and the
219 # headers have multilib conflicts
220 rm -rf $RPM_BUILD_ROOT/%{_includedir}
222 # remove unsupported config files
223 rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/experimental.conf
225 # install doc files omitted by standard install
226 for f in COPYRIGHT CREDITS INSTALL README.rst; do
227 cp $f $RPM_BUILD_ROOT/%{docdir}
229 cp LICENSE $RPM_BUILD_ROOT/%{docdir}/LICENSE.gpl
230 cp src/lib/LICENSE $RPM_BUILD_ROOT/%{docdir}/LICENSE.lgpl
231 cp src/LICENSE.openssl $RPM_BUILD_ROOT/%{docdir}/LICENSE.openssl
233 # add Red Hat specific documentation
234 cat >> $RPM_BUILD_ROOT/%{docdir}/REDHAT << EOF
236 Red Hat, RHEL, Fedora, and CentOS specific information can be found on the
237 FreeRADIUS Wiki in the Red Hat FAQ.
239 http://wiki.freeradius.org/guide/Red_Hat_FAQ
241 Please reference that document.
246 # Make sure our user/group is present prior to any package or subpackage installation
248 getent group radiusd >/dev/null || /usr/sbin/groupadd -r -g 95 radiusd > /dev/null 2>&1
249 getent passwd radiusd >/dev/null || /usr/sbin/useradd -r -g radiusd -u 95 -c "radiusd user" -s /sbin/nologin radiusd > /dev/null 2>&1
253 if [ $1 -eq 1 ]; then # install
254 /sbin/chkconfig --add radiusd
255 if [ ! -e /etc/raddb/certs/server.pem ]; then
256 /sbin/runuser -g radiusd -c 'umask 007; /etc/raddb/certs/bootstrap' > /dev/null 2>&1
262 if [ $1 -eq 0 ]; then # uninstall
263 /sbin/service radiusd stop > /dev/null 2>&1
264 /sbin/chkconfig --del radiusd
270 if [ $1 -ge 1 ]; then # upgrade
271 /sbin/service radiusd condrestart >/dev/null 2>&1
273 if [ $1 -eq 0 ]; then # uninstall
274 getent passwd radiusd >/dev/null && /usr/sbin/userdel radiusd > /dev/null 2>&1
275 getent group radiusd >/dev/null && /usr/sbin/groupdel radiusd > /dev/null 2>&1
280 %defattr(-,root,root)
282 %config(noreplace) %{_sysconfdir}/pam.d/radiusd
283 %config(noreplace) %{_sysconfdir}/logrotate.d/radiusd
285 %dir %attr(710,radiusd,radiusd) %{_localstatedir}/run/radiusd
286 %dir %attr(755,radiusd,radiusd) %{_localstatedir}/lib/radiusd
288 %dir %attr(755,root,radiusd) /etc/raddb
289 %defattr(-,root,radiusd)
290 %attr(644,root,radiusd) %config(noreplace) /etc/raddb/dictionary
291 %config(noreplace) /etc/raddb/acct_users
292 %config(noreplace) /etc/raddb/attrs
293 %config(noreplace) /etc/raddb/attrs.access_challenge
294 %config(noreplace) /etc/raddb/attrs.access_reject
295 %config(noreplace) /etc/raddb/attrs.accounting_response
296 %config(noreplace) /etc/raddb/attrs.pre-proxy
297 %dir %attr(770,root,radiusd) /etc/raddb/certs
298 %attr(750,root,radiusd) /etc/raddb/certs/bootstrap
299 %config(noreplace) /etc/raddb/certs/Makefile
300 %config(noreplace) /etc/raddb/certs/README
301 %config(noreplace) /etc/raddb/certs/xpextensions
302 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/certs/*.cnf
303 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/clients.conf
304 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/eap.conf
305 %config(noreplace) %attr(640,root,radiusd) /etc/raddb/example.pl
306 %config(noreplace) /etc/raddb/hints
307 %config(noreplace) /etc/raddb/huntgroups
308 %config(noreplace) /etc/raddb/ldap.attrmap
309 %dir %attr(750,root,radiusd) /etc/raddb/modules
310 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/modules/*
311 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/panic.gdb
312 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/policy.conf
313 %config(noreplace) /etc/raddb/policy.txt
314 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/preproxy_users
315 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/proxy.conf
316 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/radiusd.conf
317 %dir %attr(750,root,radiusd) /etc/raddb/sql
318 %dir %attr(750,root,radiusd) /etc/raddb/sql/*
319 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/sql/*/*
320 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/sql.conf
321 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/sqlippool.conf
322 %dir %attr(750,root,radiusd) /etc/raddb/sites-available
323 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/sites-available/*
324 %dir %attr(750,root,radiusd) /etc/raddb/sites-enabled
325 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/sites-enabled/*
326 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/templates.conf
327 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/users
329 %defattr(-,root,root)
332 %doc %{_mandir}/man5/*
333 %doc %{_mandir}/man8/*
335 %dir %attr(755,root,root) /usr/share/freeradius
336 /usr/share/freeradius/*
338 %dir %attr(700,radiusd,radiusd) /var/log/radius/
339 %dir %attr(700,radiusd,radiusd) /var/log/radius/radacct/
340 %ghost %attr(644,radiusd,radiusd) /var/log/radius/radutmp
341 %ghost %attr(600,radiusd,radiusd) /var/log/radius/radius.log
343 %attr(755,root,root) %{_libdir}/freeradius/lib*.so*
344 # RADIUS Loadable Modules
345 %dir %attr(755,root,root) %{_libdir}/freeradius
346 %{_libdir}/freeradius/rlm_*.so
351 %doc %{_mandir}/man1/*
368 * Thu May 9 2013 Fajar A. Nugraha <list@fajar.net> - 2.2.1-1
369 - bump version number to 2.2.1
370 - package everything in only two RPM: freeradius and freeradius-utils
371 - adapted spec file to be more generic
373 * Tue Apr 10 2012 John Dennis <jdennis@redhat.com> - 2.1.12-2
374 - resolves: bug#810605 Segfault with freeradius-perl threading