* Fixed cron log rotation.
* Put module libraries in own directory.
- * Added generalized SQL support for ODBC, Oracle, and Postgres.
+ * Added generalized SQL support for ODBC, Oracle, MySQL, and Postgres.
* Removed bogus build-dep. (closes: Bug#87277)
* Added shasta, microsoft, and redback dictionaries.
* Fixed rc.d restart rule.
* Better permissions on /etc/raddb
+ * Added a user to own the daemon and logfiles.
+ * Use correct LDAP library.
-- Chad Miller <cmiller@debian.org> [TBA]
Source: radiusd-freeradius
-Build-Depends: libltdl0-dev, libpam0g-dev, postgresql-dev, libmysqlclient6-dev, libgdbm1-dev, libopenldap1, libsnmp4.1-dev, libiodbc2-dev
+Build-Depends: libltdl0-dev, libpam0g-dev, postgresql-dev, libmysqlclient6-dev, libgdbm1-dev, libldap2-dev, libsasl-dev, libsnmp4.1-dev, libiodbc2-dev, libkrb5-dev, comerr-dev
Section: net
Priority: optional
Maintainer: Chad Miller <cmiller@debian.org>
Package: radiusd-freeradius
Architecture: any
-Depends: ${shlibs:Depends}, libltdl0
+Depends: ${shlibs:Depends}
Provides: radiusd
Conflicts: radiusd, radiusd-livingston, radiusd-cistron
Description: A high-performance and highly configurable RADIUS server
generally similar to Livingston's 2.0 server, with support for...
- many vendor-specific attributes
- proxying and replicating requests by any criteria
- - authentication on system passwd, SQL, LDAP, users, or PAM
+ - authentication on system passwd, SQL, LDAP, users, kerberos, or PAM
- multiple DEFAULT configurations
- regexp matching in string attributes
and lots more.
-#! /bin/sh -e
+#! /bin/sh
+
+set -e
case "$1" in
configure)
+
+ addgroup --system freerad || true
+ adduser --system --no-create-home --home /etc/raddb --ingroup freerad --disabled-password freerad || true
+
+ # make sure there is a user and group 'freerad'
+ groups freerad |grep freerad
+
update-rc.d freeradius defaults 50 >/dev/null
- if [ ! -d /var/log/freeradius ]
- then
- mkdir -p /var/log/freeradius
+
+ if [ ! -d /var/log/radiusd-freeradius ]; then
+ mkdir -p /var/log/radiusd-freeradius
fi
- if [ ! -f /var/log/freeradius/radius.log ]
- then
- touch /var/log/freeradius/radius.log
- chmod 640 /var/log/freeradius/radius.log
- chown nobody:adm /var/log/freeradius/radius.log
+
+ if [ ! -f /var/log/radiusd-freeradius/radius.log ]; then
+ touch /var/log/radiusd-freeradius/radius.log
fi
- if [ ! -f /var/log/freeradius/radwtmp ]
- then
- touch /var/log/freeradius/radwtmp
- chmod 644 /var/log/freeradius/radwtmp
- chown nobody:adm /var/log/freeradius/radwtmp
+
+ if [ ! -f /var/log/radiusd-freeradius/radwtmp ]; then
+ touch /var/log/radiusd-freeradius/radwtmp
fi
+
+ find /etc/raddb -type f -exec chgrp freerad {} \; -exec chmod 660 {} \;
+ find /etc/raddb -type d -exec chgrp freerad {} \; -exec chmod 2770 {} \;
+ find /var/log/radiusd-freeradius -exec chown freerad {} \; -exec chgrp freerad {} \;
+
/etc/init.d/freeradius start
;;
abort-upgrade)
-#! /bin/sh -e
+#! /bin/sh
+
+set -e
if [ "$1" = "remove" -o "$1" = "purge" ]
then
remove)
;;
purge)
- if [ -d /var/log/freeradius ]
+ if [ -d /var/log/radiusd-freeradius ]
then
- cd /var/log/freeradius
+ cd /var/log/radiusd-freeradius
rm -f radius.log radius.log.0 radius.log.*.gz
rm -f radwtmp radwtmp.0 radwtmp.*.gz
rm -f radutmp radwatch.log
[ -d radacct ] && rm -rf radacct
cd /var/log
- rm -rf /var/log/freeradius
+ rm -rf /var/log/radiusd-freeradius
fi
rm -rf /etc/raddb
+ deluser freerad || true
+ delgroup freerad || true
;;
*)
;;
-#! /bin/sh -e
+#! /bin/sh
+
+set -e
case "$1" in
remove)
exec_prefix = /usr
mandir = $(exec_prefix)/share/man
libdir = $(exec_prefix)/lib/freeradius
-logdir = /var/log/freeradius
+logdir = /var/log/radiusd-freeradius
pkgdocdir = $(exec_prefix)/share/doc/radiusd-freeradius
raddbdir = $(prefix)/etc/raddb
-build: clean
+build:
# Builds the binary package.
dh_testdir
# dh_testroot
- ./configure --prefix=$(prefix) --exec-prefix=$(exec_prefix) --libdir=$(libdir) --mandir=$(mandir) --with-logdir=$(logdir) --with-thread-pool --enable-ltdl-install=no
+ ./configure --prefix=$(prefix) --exec-prefix=$(exec_prefix) --libdir=$(libdir) --mandir=$(mandir) --with-logdir=$(logdir) --with-thread-pool --enable-ltdl-install=no --enable-strict-dependencies
make
touch build
# Architecture independant files.
-binary-indep: clean
+binary-indep: build
# Make a binary package (.deb file)
-binary-arch: build
+binary-arch: build
dh_clean
dh_installdirs
make install prefix=$(prefix) exec_prefix=$(exec_prefix) mandir=$(mandir) libdir=$(libdir) R=$(tmp)
# clean up install cruft. $$&@!%
rmdir $(tmp)/$(execprefix)/include
rm $(tmp)/$(execprefix)/usr/sbin/rc.radiusd
- # fix install permissions
- chmod 700 $(tmp)/$(raddbdir)
- chmod 600 $(tmp)/$(raddbdir)/*
# man pages & docs
dh_undocumented
install -g root -m 644 CREDITS $(tmp)/$(pkgdocdir)/credits
install -g root -m 755 scripts/radiusd.cron.daily $(tmp)/$(prefix)/etc/cron.daily/freeradius
install -g root -m 755 scripts/radiusd.cron.monthly $(tmp)/$(prefix)/etc/cron.monthly/freeradius
install -g root -m 755 scripts/rc.radiusd $(tmp)/$(prefix)/etc/init.d/freeradius
- # fix up conf file -- all of these should be commented on in README.Debian
- cp $(tmp)/$(raddbdir)/radiusd.conf newconf
- cat newconf \
+ TEMPFILE=`mktemp /tmp/radconf-XXXXXX`
+ cp $(tmp)/$(raddbdir)/radiusd.conf $$TEMPFILE
+ cat $$TEMPFILE \
| sed -e 's/ / /g' \
- | sed -e '/^ example {/,/^ }/s/^/#deb#/' \
- | sed -e '/^ sql .*{/,/^ }/s/^/#deb#/' \
- | sed -e '/^ always .*{/,/^ }/s/^/#deb#/' \
+ | sed -e '/^ example {/,/^ }/s/^/#/' \
+ | sed -e '/^ always .*{/,/^ }/s/^/#/' \
| sed -e 's/^ # shadow =/ shadow =/' \
- | sed -e 's/^group = nobody/group = nogroup/' \
+ | sed -e 's/^group = nobody/group = freerad/' \
+ | sed -e 's/^user = nobody/user = freerad/' \
> $(tmp)/$(raddbdir)/radiusd.conf
- rm newconf
+ rm $$TEMPFILE
#
dh_strip
dh_installdeb
dh_builddeb
clean:
- dh_clean
- [ -f Make.inc ] && make distclean || true
rm -f build debian/{files,substvars} debian/*.debhelper
+ [ -f Make.inc ] && make distclean || true
+ dh_clean
rm -rf $(tmp)
binary: binary-indep binary-arch