- new versin 1.1.7
- install snmp MIB files
- dropped LDAP_DEPRECATED flag, it is upstream
- marked config files for sub packages as config (rhbz#240400)
- moved db files to /var/lib/raddb (rhbz#199082)
This commit is contained in:
Thomas Woerner 2007-08-07 16:18:24 +00:00
parent 24f5fed452
commit 1b64b7d917
3 changed files with 104 additions and 42 deletions

View File

@ -0,0 +1,37 @@
diff -up freeradius-1.1.7/raddb/radiusd.conf.in.db_dir freeradius-1.1.7/raddb/radiusd.conf.in
--- freeradius-1.1.7/raddb/radiusd.conf.in.db_dir 2007-08-07 15:41:35.000000000 +0200
+++ freeradius-1.1.7/raddb/radiusd.conf.in 2007-08-07 15:44:47.000000000 +0200
@@ -33,6 +33,11 @@ radacctdir = @radacctdir@
confdir = ${raddbdir}
run_dir = ${localstatedir}/run/radiusd
+# Location of db files
+# Please use this directory for all db files (e.g. db.daily, db.ippool and
+# db.ipindex).
+db_dir = ${localstatedir}/lib/radiusd
+
#
# The logging messages for the server are appended to the
# tail of this file.
@@ -1398,7 +1403,7 @@ $INCLUDE ${confdir}/eap.conf
# 'check-name' attribute.
#
counter daily {
- filename = ${raddbdir}/db.daily
+ filename = ${db_dir}/db.daily
key = User-Name
count-attribute = Acct-Session-Time
reset = daily
@@ -1713,10 +1718,10 @@ $INCLUDE ${confdir}/eap.conf
cache-size = 800
# session-db: The main db file used to allocate ip's to clients
- session-db = ${raddbdir}/db.ippool
+ session-db = ${db_dir}/db.ippool
# ip-index: Helper db index file used in multilink
- ip-index = ${raddbdir}/db.ipindex
+ ip-index = ${db_dir}/db.ipindex
# override: Will this ippool override a Framed-IP-Address already set
override = no

View File

@ -1,6 +1,7 @@
--- freeradius-1.1.3/src/modules/rlm_ldap/rlm_ldap.c.ldap 2006-05-09 01:45:02.000000000 +0200
+++ freeradius-1.1.3/src/modules/rlm_ldap/rlm_ldap.c 2006-11-13 15:51:48.000000000 +0100
@@ -1013,7 +1013,7 @@
diff -up freeradius-1.1.7/src/modules/rlm_ldap/rlm_ldap.c.ldap freeradius-1.1.7/src/modules/rlm_ldap/rlm_ldap.c
--- freeradius-1.1.7/src/modules/rlm_ldap/rlm_ldap.c.ldap 2007-06-18 11:00:27.000000000 +0200
+++ freeradius-1.1.7/src/modules/rlm_ldap/rlm_ldap.c 2007-08-06 14:40:31.000000000 +0200
@@ -1041,7 +1041,7 @@ static int ldap_groupcmp(void *instance,
radlog(L_ERR, "rlm_ldap: Add ldap connections are in use");
return 1;
}
@ -9,7 +10,7 @@
filter, group_attrs,&result)) != RLM_MODULE_OK){
DEBUG("rlm_ldap::ldap_groupcmp: Search returned error");
ldap_release_conn(conn_id, inst->conns);
@@ -1327,7 +1327,7 @@
@@ -1356,7 +1356,7 @@ ldap_authorize(void *instance, REQUEST *
strNcpy(filter,inst->base_filter,sizeof(filter));
if (user_profile)
@ -18,16 +19,16 @@
if (profile && strlen(profile)){
if ((res = perform_search(instance, conn,
profile, LDAP_SCOPE_BASE,
@@ -1430,7 +1430,7 @@
return RLM_MODULE_FAIL;
@@ -1460,7 +1460,7 @@ ldap_authorize(void *instance, REQUEST *
}
added_known_password = 1;
passwd_len = strlen(passwd_val);
- strncpy(passwd_item->strvalue,passwd_val,MAX_STRING_LEN - 1);
+ strncpy((char *)passwd_item->strvalue,passwd_val,MAX_STRING_LEN - 1);
passwd_item->length = (passwd_len > (MAX_STRING_LEN - 1)) ? (MAX_STRING_LEN - 1) : passwd_len;
pairadd(&request->config_items,passwd_item);
DEBUG("rlm_ldap: Added password %s in check items",passwd_item->strvalue);
@@ -1748,16 +1748,16 @@
@@ -1804,12 +1804,12 @@ ldap_authenticate(void *instance, REQUES
ldap_msgfree(result);
}
@ -42,12 +43,16 @@
1, &res, NULL);
#else
@@ -1954,7 +1954,7 @@ retry:
}
}
- ld_user = ldap_connect(instance, user_dn, request->password->strvalue,
+ ld_user = ldap_connect(instance, user_dn, (char *)request->password->strvalue,
1, &res, &err);
if(err != NULL){
@@ -2023,7 +2023,7 @@
@@ -2208,7 +2208,7 @@ ldap_connect(void *instance, const char
#ifdef HAVE_LDAP_INT_TLS_CONFIG
@ -56,8 +61,8 @@
(inst->tls_require_cert) )
!= LDAP_OPT_SUCCESS) {
radlog(L_ERR, "rlm_ldap: could not set "
@@ -2430,7 +2430,7 @@
}
@@ -2622,7 +2622,7 @@ ldap_pairget(LDAP * ld, LDAPMessage * en
if (do_xlat) {
newpair->flags.do_xlat = 1;
- strNcpy(newpair->strvalue, buf,

View File

@ -1,7 +1,7 @@
Summary: High-performance and highly configurable free RADIUS server
Name: freeradius
Version: 1.1.6
Release: 2%{?dist}
Version: 1.1.7
Release: 1%{?dist}
License: GPL
Group: System Environment/Daemons
URL: http://www.freeradius.org/
@ -23,7 +23,8 @@ Patch4: freeradius-0.9.0-com_err.patch
Patch8: freeradius-1.0.0-samba3.patch
Patch10: freeradius-1.1.3-build.patch
Patch11: freeradius-1.1.2-no_sql_inc.patch
Patch12: freeradius-1.1.3-ldap.patch
Patch12: freeradius-1.1.7-ldap.patch
Patch13: freeradius-1.1.7-db_dir.patch
%description
The FreeRADIUS Server Project is a high performance and highly configurable
@ -80,13 +81,14 @@ This plugin provides the unixODBC bindings for the FreeRADIUS server project.
%patch10 -p1 -b .build
%patch11 -p1 -b .no_sql_inc
%patch12 -p1 -b .ldap
%patch13 -p1 -b .db_dir
%build
%ifarch s390 s390x
export CFLAGS="$RPM_OPT_FLAGS -fPIC -DLDAP_DEPRECATED"
export CFLAGS="$RPM_OPT_FLAGS -fPIC"
%else
export CFLAGS="$RPM_OPT_FLAGS -fpic -DLDAP_DEPRECATED"
export CFLAGS="$RPM_OPT_FLAGS -fpic"
%endif
# bad fix for libtool: clear buildroot early, set LDFLAGS to buildroot libdir
@ -118,6 +120,8 @@ make #%{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/{logrotate.d,pam.d,rc.d/init.d}
# create database directory
mkdir -p $RPM_BUILD_ROOT/var/lib/radiusd
# fix for bad libtool bug - can not rebuild dependent libs and bins
export LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_libdir}
@ -134,6 +138,10 @@ install -m 755 redhat/rc.radiusd-redhat $RPM_BUILD_ROOT/%{_initrddir}/radiusd
install -m 644 redhat/radiusd-logrotate $RPM_BUILD_ROOT/%{_sysconfdir}/logrotate.d/radiusd
install -m 644 redhat/radiusd-pam $RPM_BUILD_ROOT/%{_sysconfdir}/pam.d/radiusd
# install SNMP MIB files
mkdir -p $RPM_BUILD_ROOT%{_datadir}/snmp/mibs/
install -m 644 mibs/RADIUS*.txt $RPM_BUILD_ROOT%{_datadir}/snmp/mibs/
# remove unwanted rc.radiusd
rm -f $RPM_BUILD_ROOT%{_prefix}/sbin/rc.radiusd
@ -186,32 +194,33 @@ fi
%files
%defattr(-,root,root,-)
%doc %{_docdir}/freeradius-%{version}/
%config (noreplace) %{_sysconfdir}/pam.d/radiusd
%config (noreplace) %{_sysconfdir}/logrotate.d/radiusd
%config (noreplace) %{_initrddir}/radiusd
%config(noreplace) %{_sysconfdir}/pam.d/radiusd
%config(noreplace) %{_sysconfdir}/logrotate.d/radiusd
%config(noreplace) %{_initrddir}/radiusd
%dir %attr(0700,radiusd,radiusd) %{_sysconfdir}/raddb
%dir %attr(0700,radiusd,radiusd) %{_sysconfdir}/raddb/certs
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/acct_users
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/attrs
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/certs/*
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/clients
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/clients.conf
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/dictionary
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/eap.conf
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/example.pl
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/hints
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/huntgroups
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/ldap.attrmap
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/naslist
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/naspasswd
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/otp.conf
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/preproxy_users
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/proxy.conf
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/radiusd.conf
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/realms
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/snmp.conf
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/sqlippool.conf
%config %attr(0600,radiusd,radiusd) (noreplace) %{_sysconfdir}/raddb/users
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/acct_users
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/attrs
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/certs/*
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/clients
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/clients.conf
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/dictionary
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/eap.conf
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/example.pl
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/hints
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/huntgroups
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/ldap.attrmap
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/naslist
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/naspasswd
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/otp.conf
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/postgresqlippool.conf
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/preproxy_users
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/proxy.conf
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/radiusd.conf
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/realms
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/snmp.conf
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/sqlippool.conf
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/users
%{_bindir}/*
%{_libdir}/libeap*.so
%{_libdir}/libradius*.so
@ -255,9 +264,11 @@ fi
%{_libdir}/rlm_sql-%{version}.so
%{_libdir}/rlm_sql.so
%{_libdir}/rlm_sqlcounter*.so
%{_libdir}/rlm_sqlippool*.so
%{_libdir}/rlm_sql_log*.so
%{_libdir}/rlm_unix*.so
%{_datadir}/freeradius
%{_datadir}/snmp/mibs/RADIUS*.txt
%{_sbindir}/*
%{_mandir}/man1/*.1*
%{_mandir}/man5/*.5*
@ -268,24 +279,33 @@ fi
%ghost %attr(0600,radiusd,radiusd) /var/log/radius/radius.log
%attr(0700,radiusd,radiusd) %dir /var/log/radius/radacct
%attr(0700,radiusd,radiusd) %dir /var/run/radiusd
# use only for database files:
%attr(0700,radiusd,radiusd) %dir /var/lib/radiusd
%files mysql
%defattr(-,root,root,-)
%attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/sql.conf
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/sql.conf
%{_libdir}/*_mysql*.so
%files postgresql
%defattr(-,root,root,-)
%attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/postgresql.conf
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/postgresql.conf
%{_libdir}/*_postgresql*.so
%files unixODBC
%defattr(-,root,root,-)
%attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/mssql.conf
%config(noreplace) %attr(0600,radiusd,radiusd) %{_sysconfdir}/raddb/mssql.conf
%{_libdir}/*_unixodbc*.so
%changelog
* Tue Aug 7 2007 Thomas Woerner <twoerner@redhat.com> 1.1.7-1
- new versin 1.1.7
- install snmp MIB files
- dropped LDAP_DEPRECATED flag, it is upstream
- marked config files for sub packages as config (rhbz#240400)
- moved db files to /var/lib/raddb (rhbz#199082)
* Fri Jun 15 2007 Thomas Woerner <twoerner@redhat.com> 1.1.6-2
- radiusd expects /etc/raddb to not be world readable or writable
/etc/raddb now belongs to radiusd, post script sets permissions