From 2b03ea3ce077e97b7b4315e84f7e09013b83e3e2 Mon Sep 17 00:00:00 2001 From: "Alan T. DeKok" Date: Wed, 19 May 2010 15:08:16 +0200 Subject: [PATCH 1/1] As supplied by RedHat. These files are direct copies of the upstream RedHat files, and should work better on most RedHat systems --- redhat/freeradius-logrotate | 56 ++++++++++++++++++++ redhat/freeradius-pam-conf | 6 +++ redhat/freeradius-radiusd-init | 113 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 175 insertions(+) create mode 100644 redhat/freeradius-logrotate create mode 100644 redhat/freeradius-pam-conf create mode 100755 redhat/freeradius-radiusd-init diff --git a/redhat/freeradius-logrotate b/redhat/freeradius-logrotate new file mode 100644 index 0000000..8c5c6fb --- /dev/null +++ b/redhat/freeradius-logrotate @@ -0,0 +1,56 @@ +# You can use this to rotate the /var/log/radius/* files, simply copy +# it to /etc/logrotate.d/radiusd + +# There are different detail-rotating strategies you can use. One is +# to write to a single detail file per IP and use the rotate config +# below. Another is to write to a daily detail file per IP with: +# detailfile = ${radacctdir}/%{Client-IP-Address}/%Y%m%d-detail +# (or similar) in radiusd.conf, without rotation. If you go with the +# second technique, you will need another cron job that removes old +# detail files. You do not need to comment out the below for method #2. +/var/log/radius/radacct/*/detail { + monthly + rotate 4 + nocreate + missingok + compress +} + +/var/log/radius/checkrad.log { + monthly + rotate 4 + create + missingok + compress +} + +/var/log/radius/radius.log { + monthly + rotate 4 + create + missingok + compress +} + +/var/log/radius/radutmp { + monthly + rotate 4 + create + compress + missingok +} + +/var/log/radius/radwtmp { + monthly + rotate 4 + create + compress + missingok +} +/var/log/radius/sqltrace.sql { + monthly + rotate 4 + create + compress + missingok +} diff --git a/redhat/freeradius-pam-conf b/redhat/freeradius-pam-conf new file mode 100644 index 0000000..090c4a5 --- /dev/null +++ b/redhat/freeradius-pam-conf @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth include password-auth +account required pam_nologin.so +account include password-auth +password include password-auth +session include password-auth diff --git a/redhat/freeradius-radiusd-init b/redhat/freeradius-radiusd-init new file mode 100755 index 0000000..977a51f --- /dev/null +++ b/redhat/freeradius-radiusd-init @@ -0,0 +1,113 @@ +#!/bin/sh +# +# radiusd Start/Stop the FreeRADIUS daemon +# +# chkconfig: - 88 10 +# description: Extensible, configurable, high performance RADIUS server. + +### BEGIN INIT INFO +# Provides: radiusd +# Required-Start: $network +# Required-Stop: +# Default-Start: +# Default-Stop: +# Should-Start: $time $syslog mysql ldap postgresql samba krb5-kdc +# Should-Stop: +# Short-Description: FreeRADIUS server +# Description: Extensible, configurable, high performance RADIUS server. +### END INIT INFO + +# Source function library. +. /etc/rc.d/init.d/functions + +prog=radiusd + +[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog + +exec=${exec:=/usr/sbin/$prog} +config_dir=${config_dir:=/etc/raddb} +config=${config:=$config_dir/radiusd.conf} +pidfile=${pidfile:=/var/run/$prog/$prog.pid} +lockfile=${lockfile:=/var/lock/subsys/radiusd} + +start() { + [ -x $exec ] || exit 5 + [ -f $config ] || exit 6 + echo -n $"Starting $prog: " + daemon --pidfile $pidfile $exec -d $config_dir + retval=$? + echo + [ $retval -eq 0 ] && touch $lockfile + return $retval +} + +stop() { + echo -n $"Stopping $prog: " + killproc -p $pidfile $prog + retval=$? + echo + [ $retval -eq 0 ] && rm -f $lockfile + return $retval +} + +restart() { + stop + start +} + +reload() { + # radiusd may not be capable of a 100% configuration reload depending + # on which loadable modules are in use, if sending the server a + # HUP is not sufficient then use restart here instead. However, we + # prefer by default to use HUP since it's what is usually desired. + # + # restart + + kill -HUP `pidofproc -p $pidfile $prog` +} + +force_reload() { + restart +} + +rh_status() { + # run checks to determine if the service is running or use generic status + status -p $pidfile $prog +} + +rh_status_q() { + rh_status >/dev/null 2>&1 +} + + +case "$1" in + start) + rh_status_q && exit 0 + $1 + ;; + stop) + rh_status_q || exit 0 + $1 + ;; + restart) + $1 + ;; + reload) + rh_status_q || exit 7 + $1 + ;; + force-reload) + force_reload + ;; + status) + rh_status + ;; + condrestart|try-restart) + rh_status_q || exit 0 + restart + ;; + *) + echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}" + exit 2 +esac +exit $? -- 2.1.4