2017-07-18 14:00:26 +00:00
|
|
|
From 958f470cda2ba8943f02f13d1b46f357f92d9639 Mon Sep 17 00:00:00 2001
|
2014-09-08 10:04:08 +00:00
|
|
|
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
|
|
|
|
Date: Mon, 8 Sep 2014 12:32:13 +0300
|
2015-08-19 11:37:10 +00:00
|
|
|
Subject: [PATCH] Adjust configuration to fit Red Hat specifics
|
2014-09-08 10:04:08 +00:00
|
|
|
|
|
|
|
---
|
|
|
|
raddb/mods-available/eap | 4 ++--
|
|
|
|
raddb/radiusd.conf.in | 7 +++----
|
|
|
|
2 files changed, 5 insertions(+), 6 deletions(-)
|
|
|
|
|
|
|
|
diff --git a/raddb/mods-available/eap b/raddb/mods-available/eap
|
2017-07-18 14:00:26 +00:00
|
|
|
index 2621e183c..94494b2c6 100644
|
2014-09-08 10:04:08 +00:00
|
|
|
--- a/raddb/mods-available/eap
|
|
|
|
+++ b/raddb/mods-available/eap
|
2019-03-06 18:07:44 +00:00
|
|
|
@@ -533,7 +533,7 @@
|
2013-11-26 23:33:56 +00:00
|
|
|
# You should also delete all of the files
|
|
|
|
# in the directory when the server starts.
|
2019-03-06 18:07:44 +00:00
|
|
|
#
|
|
|
|
- # tmpdir = /tmp/radiusd
|
|
|
|
+ # tmpdir = /var/run/radiusd/tmp
|
2014-09-08 10:04:08 +00:00
|
|
|
|
2013-11-26 23:33:56 +00:00
|
|
|
# The command used to verify the client cert.
|
|
|
|
# We recommend using the OpenSSL command-line
|
2019-03-06 18:07:44 +00:00
|
|
|
@@ -548,7 +548,7 @@
|
2013-11-26 23:33:56 +00:00
|
|
|
# deleted by the server when the command
|
|
|
|
# returns.
|
2019-03-06 18:07:44 +00:00
|
|
|
#
|
|
|
|
- # client = "/path/to/openssl verify -CApath ${..ca_path} %{TLS-Client-Cert-Filename}"
|
|
|
|
+ # client = "/usr/bin/openssl verify -CApath ${..ca_path} %{TLS-Client-Cert-Filename}"
|
2013-11-26 23:33:56 +00:00
|
|
|
}
|
2014-09-08 10:04:08 +00:00
|
|
|
|
2019-03-06 18:07:44 +00:00
|
|
|
# OCSP Configuration
|
2014-09-08 10:04:08 +00:00
|
|
|
diff --git a/raddb/radiusd.conf.in b/raddb/radiusd.conf.in
|
2017-07-18 14:00:26 +00:00
|
|
|
index a83c1f687..e500cf97b 100644
|
2014-09-08 10:04:08 +00:00
|
|
|
--- a/raddb/radiusd.conf.in
|
|
|
|
+++ b/raddb/radiusd.conf.in
|
|
|
|
@@ -70,8 +70,7 @@ certdir = ${confdir}/certs
|
2013-10-13 14:18:09 +00:00
|
|
|
cadir = ${confdir}/certs
|
|
|
|
run_dir = ${localstatedir}/run/${name}
|
2014-09-08 10:04:08 +00:00
|
|
|
|
2013-10-13 14:18:09 +00:00
|
|
|
-# Should likely be ${localstatedir}/lib/radiusd
|
|
|
|
-db_dir = ${raddbdir}
|
|
|
|
+db_dir = ${localstatedir}/lib/radiusd
|
2014-09-08 10:04:08 +00:00
|
|
|
|
2013-10-13 14:18:09 +00:00
|
|
|
#
|
|
|
|
# libdir: Where to find the rlm_* modules.
|
2017-07-18 14:00:26 +00:00
|
|
|
@@ -398,8 +397,8 @@ security {
|
2013-07-22 22:52:14 +00:00
|
|
|
# member. This can allow for some finer-grained access
|
|
|
|
# controls.
|
|
|
|
#
|
|
|
|
-# user = radius
|
|
|
|
-# group = radius
|
|
|
|
+ user = radiusd
|
|
|
|
+ group = radiusd
|
2014-09-08 10:04:08 +00:00
|
|
|
|
2013-07-22 22:52:14 +00:00
|
|
|
# Core dumps are a bad thing. This should only be set to
|
|
|
|
# 'yes' if you're debugging a problem with the server.
|
2014-09-08 10:04:08 +00:00
|
|
|
--
|
2017-07-18 14:00:26 +00:00
|
|
|
2.13.2
|
2014-09-08 10:04:08 +00:00
|
|
|
|