Accepting request 203485 from home:vitezslav_cizek:branches:network

- update to 3.0.0 * new feature release * see /usr/share/doc/packages/freeradius-server/ChangeLog for complete list of changes in this release * documentation for upgrading from 2.x is in /etc/raddb/README.rst - drop oracle support (wasn't built anyway) - dropped patches (obsolete): * freeradius-server-2.1.6-codecleanup.patch * freeradius-server-2.1.6-dialup_admin.patch * freeradius-server-2.1.1-edirectory.patch - added systemd service unit * radiusd.service - added systemd-tmpfile for /var/run/radiusd * freeradius-tmpfiles.conf - added gpg-offline verification * freeradius-server.keyring OBS-URL: https://build.opensuse.org/request/show/203485 OBS-URL: https://build.opensuse.org/package/show/network/freeradius-server?expand=0&rev=51
2013-10-16 18:25:42 +00:00 · 2013-10-16 18:25:42 +00:00 · 80e6dde4db
commit 80e6dde4db
parent 97a37fd089
15 changed files with 530 additions and 583 deletions
--- a/freeradius-server-2.1.1-edirectory.patch
+++ b/freeradius-server-2.1.1-edirectory.patch
@ -1,136 +0,0 @@
 Index: src/modules/rlm_ldap/edir_ldapext.c
 ===================================================================
 --- src/modules/rlm_ldap/edir_ldapext.c.orig	2011-06-20 16:57:14.000000000 +0200
 +++ src/modules/rlm_ldap/edir_ldapext.c	2011-09-27 15:05:37.913323658 +0200
@@ -84,11 +84,11 @@
 	BerElement *requestBer = NULL;
 	char    * utf8ObjPtr = NULL;
 -	int     utf8ObjSize = 0;
 +	ber_len_t utf8ObjSize = 0;
 	char    * utf8PwdPtr = NULL;
 -	int     utf8PwdSize = 0;
 +	ber_len_t utf8PwdSize = 0;
 	char    * utf8Pwd2Ptr = NULL;
 -	int     utf8Pwd2Size = 0;
 +	ber_len_t utf8Pwd2Size = 0;
 	utf8ObjSize = strlen(objectDN)+1;
@@ -142,7 +142,7 @@
 	/*
 	 * Convert the BER we just built to a berval that we'll send with the extended request.
 	 */
 -	if(ber_flatten(requestBer, requestBV) == LBER_ERROR)
 +	if(ber_flatten(requestBer, requestBV) == -1)
 	{
 		err = NMAS_E_FRAG_FAILURE;
 		goto Cleanup;
@@ -172,16 +172,17 @@
  *		buffer was supplied, tries to decode the the return data and length
  *
  * ------------------------------------------------------------------------ */
 -int berDecodeLoginData(
 +ber_int_t berDecodeLoginData(
 	struct berval *replyBV,
 -	int      *serverVersion,
 -	size_t   *retDataLen,
 +	ber_int_t *serverVersion,
 +	ber_len_t *retDataLen,
 	void     *retData )
 {
 -	int rc=0, err = 0;
 +	int rc=0;
 +	ber_int_t err = 0;
 	BerElement *replyBer = NULL;
 	char    *retOctStr = NULL;
 -	size_t  retOctStrLen = 0;
 +	ber_len_t retOctStrLen = 0;
 	if((replyBer = ber_init(replyBV)) == NULL)
 	{
@@ -258,14 +259,14 @@
 	size_t   *pwdSize,	// in bytes
 	char     *pwd )
 {
 -	int err = 0;
 +	ber_int_t err = 0;
 	struct berval *requestBV = NULL;
 	char *replyOID = NULL;
 	struct berval *replyBV = NULL;
 -	int serverVersion;
 +	ber_int_t serverVersion;
 	char *pwdBuf;
 -	size_t pwdBufLen, bufferLen;
 +	ber_len_t pwdBufLen, bufferLen;
 #ifdef	NOT_N_PLAT_NLM
 	int currentThreadGroupID;
@@ -390,29 +391,29 @@
  *              and BER encodes the data into the BER value
  *
  * ------------------------------------------------------------------------ */
 -int berEncodeAuthData(
 +static int berEncodeAuthData(
         struct berval **requestBV,
         char    *objectDN,
         char    *pwd,
         char    *sequence,
         char    *NasIP,
         char    *state,
 -        int     *auth_state)
 +        ber_int_t     *auth_state)
 {
         int err = 0, rc=0;
         BerElement *requestBer = NULL;
         char    * utf8ObjPtr = NULL;
 -        int     utf8ObjSize = 0;
 +        ber_len_t     utf8ObjSize = 0;
         char    * utf8PwdPtr = NULL;
 -        int     utf8PwdSize = 0;
 +        ber_len_t     utf8PwdSize = 0;
         char    * utf8NasIPPtr = NULL;
 -        int     utf8NasIPSize = 0;
 +        ber_len_t     utf8NasIPSize = 0;
         char    * utf8StatePtr = NULL;
 -        int     utf8StateSize = 0;
 +        ber_len_t     utf8StateSize = 0;
         char    * utf8SeqPtr = NULL;
 -        int     utf8SeqSize = 0;
 -        int state_present = 0;
 +        ber_len_t     utf8SeqSize = 0;
 +        ber_int_t state_present = 0;
         utf8ObjSize = strlen(objectDN)+1;
         utf8ObjPtr = objectDN;
@@ -494,12 +495,12 @@
  *              buffer was supplied, tries to decode the the return data and length
  *
  * ------------------------------------------------------------------------ */
 -int berDecodeAuthData(
 +static int berDecodeAuthData(
         struct berval *replyBV,
 -        int      *errCode,
 -        size_t   *retDataLen,
 +        ber_int_t *errCode,
 +        ber_len_t *retDataLen,
         char     *retData,
 -        int      *auth_state )
 +        ber_int_t *auth_state )
 {
         int rc=0, err = 0;
         BerElement *replyBer = NULL;
@@ -563,9 +564,9 @@
         struct berval *requestBV = NULL;
         char *replyOID = NULL;
         struct berval *replyBV = NULL;
 -        int errCode;
 +        ber_int_t errCode;
         char *challenge;
 -        size_t challengesize;
 +        ber_len_t challengesize;
         challengesize = *statesize;
         challenge = (char *)malloc(challengesize+2);
--- a/freeradius-server-2.1.1-logrotate_su.patch
+++ b/freeradius-server-2.1.1-logrotate_su.patch
@ -1,7 +1,7 @@
-Index: freeradius-server-2.1.12/suse/radiusd-logrotate
+Index: freeradius-server-3.0.0/suse/radiusd-logrotate
 ===================================================================
--- freeradius-server-2.1.12.orig/suse/radiusd-logrotate	2013-01-08 18:25:29.358157621 +0100
+--- freeradius-server-3.0.0.orig/suse/radiusd-logrotate	2013-10-15 18:26:37.704603079 +0200
-+++ freeradius-server-2.1.12/suse/radiusd-logrotate	2013-01-08 18:28:38.487684634 +0100
+++ freeradius-server-3.0.0/suse/radiusd-logrotate	2013-10-15 18:27:37.232218844 +0200
@@ -6,6 +6,7 @@
 # second technique, you will need another cron job that removes old
 # detail files.  You do not need to comment out the below for method #2.
@ -18,13 +18,13 @@ Index: freeradius-server-2.1.12/suse/radiusd-logrotate
     compress
     dateext
     maxage 365
-@@ -25,10 +27,12 @@
+@@ -25,11 +27,12 @@
     missingok
     create
     postrotate
 -	kill -HUP `cat /var/run/radiusd/radiusd.pid`
 +	kill -HUP `cat /var/run/radiusd/radiusd.pid` || :
-+    endscript
+     endscript
 }
 /var/log/radius/radwatch.log {
@ -32,7 +32,7 @@ Index: freeradius-server-2.1.12/suse/radiusd-logrotate
     compress
     dateext
     maxage 365
-@@ -40,6 +44,7 @@
+@@ -41,6 +44,7 @@
 }
 /var/log/radius/radwtmp {
@ -40,10 +40,10 @@ Index: freeradius-server-2.1.12/suse/radiusd-logrotate
     compress
     dateext
     maxage 365
-@@ -54,6 +59,7 @@
+@@ -55,6 +59,7 @@
 }
- /var/log/radius/sqltrace.sql {
+ /var/log/radius/sqllog.sql {
 +    su radiusd radiusd
     compress
     dateext
--- a/freeradius-server-2.1.6-codecleanup.patch
+++ b/freeradius-server-2.1.6-codecleanup.patch
@ -1,64 +0,0 @@
 Index: src/modules/rlm_smb/rfcnb-util.c
 ===================================================================
 --- src/modules/rlm_smb/rfcnb-util.c.orig	2010-06-21 21:15:56.000000000 +0200
 +++ src/modules/rlm_smb/rfcnb-util.c	2010-06-21 21:16:06.000000000 +0200
@@ -208,7 +208,7 @@ struct RFCNB_Pkt *RFCNB_Alloc_Pkt(int n)
 /* Free up a packet */
 -int RFCNB_Free_Pkt(struct RFCNB_Pkt *pkt)
 +void RFCNB_Free_Pkt(struct RFCNB_Pkt *pkt)
 { struct RFCNB_Pkt *pkt_next; char *data_ptr;
 Index: src/modules/rlm_smb/rfcnb-util.h
 ===================================================================
 --- src/modules/rlm_smb/rfcnb-util.h.orig	2010-06-21 21:15:56.000000000 +0200
 +++ src/modules/rlm_smb/rfcnb-util.h	2010-06-21 21:16:06.000000000 +0200
@@ -52,3 +52,4 @@ int RFCNB_Session_Req(struct RFCNB_Con *
 		      struct in_addr *Dest_IP,
 		      int * port);
 +void RFCNB_Free_Pkt(struct RFCNB_Pkt *pkt);
 Index: src/modules/rlm_smb/session.c
 ===================================================================
 --- src/modules/rlm_smb/session.c.orig	2010-06-21 21:15:56.000000000 +0200
 +++ src/modules/rlm_smb/session.c	2010-06-21 21:16:06.000000000 +0200
@@ -41,6 +41,7 @@ int RFCNB_saved_errno = 0;
 #include "rfcnb-priv.h"
 #include "rfcnb-util.h"
 +#include "rfcnb-io.h"
 int RFCNB_Stats[RFCNB_MAX_STATS];
@@ -315,7 +316,7 @@ int RFCNB_Set_Sock_NoDelay(struct RFCNB_
 void *RFCNB_Listen()
 {
 -
 +  return NULL;
 }
 /* Pick up the last error response as a string, hmmm, this routine should */
@@ -357,7 +358,7 @@ int RFCNB_Get_Last_Errno()
 /* Pick up the last error response and return in string ...             */
 -int RFCNB_Get_Error_Msg(int code, char *msg_buf, int len)
 +void RFCNB_Get_Error_Msg(int code, char *msg_buf, int len)
 {
 Index: src/modules/rlm_smb/smbencrypt.c
 ===================================================================
 --- src/modules/rlm_smb/smbencrypt.c.orig	2010-06-21 21:15:56.000000000 +0200
 +++ src/modules/rlm_smb/smbencrypt.c	2010-06-21 21:16:06.000000000 +0200
@@ -25,6 +25,7 @@
 RCSID("$Id$")
 #include <string.h>
 +#include <ctype.h>
 #ifdef HAVE_SYS_VFS_H
 #include <sys/vfs.h>
 #endif
--- a/freeradius-server-2.1.6-dialup_admin.patch
+++ b/freeradius-server-2.1.6-dialup_admin.patch
@ -1,192 +0,0 @@
 Index: dialup_admin/bin/backup_radacct
 ===================================================================
 --- dialup_admin/bin/backup_radacct.orig	2010-06-21 21:15:56.000000000 +0200
 +++ dialup_admin/bin/backup_radacct	2010-06-21 21:15:57.000000000 +0200
@@ -2,7 +2,7 @@
 use POSIX;
 use File::Temp;
 -$conf=shift||'/data/local/dialupadmin/conf/admin.conf';
 +$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
 $back_days = 80;
 $backup_directory = "/logs/radiusd/accounting";
@@ -48,4 +48,4 @@ $comm = "$sqlcmd  -U $sql_username -f $t
 $command = "$sqlcmd  $sql_username/$pass" . "@" . "$sql_database <$tmpfile.$server" if ($sql_type eq 'oracle');
 $command = "$sqlcmd '$sql_server' '$sql_port' '' '$sql_username' '$sql_password' < $tmp_filename >$backup_directory/$date3" if ($sql_type eq 'sqlrelay');
 `$comm`;
 -`/usr/local/bin/gzip -9 $backup_directory/$date3`;
 +`/usr/bin/gzip -9 $backup_directory/$date3`;
 Index: dialup_admin/bin/clean_radacct
 ===================================================================
 --- dialup_admin/bin/clean_radacct.orig	2010-06-21 21:15:56.000000000 +0200
 +++ dialup_admin/bin/clean_radacct	2010-06-21 21:15:57.000000000 +0200
@@ -7,7 +7,7 @@
 use POSIX;
 use File::Temp;
 -$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
 +$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
 $back_days = 35;
 Index: dialup_admin/bin/clearsession
 ===================================================================
 --- dialup_admin/bin/clearsession.orig	2010-06-21 21:15:56.000000000 +0200
 +++ dialup_admin/bin/clearsession	2010-06-21 21:15:57.000000000 +0200
@@ -49,8 +49,8 @@ if ($nastype eq 'cisco' && $type eq 'tel
 }
 if ($nastype eq 'cisco' && $type eq 'snmp'){
 -	$SNMPGET="/usr/local/bin/snmpget";
 -	$SNMPSET="/usr/local/bin/snmpset";
 +	$SNMPGET="/usr/bin/snmpget";
 +	$SNMPSET="/usr/bin/snmpset";
 	die "Could not find snmpwalk binary. Please make sure that the \$SNMPGET variable points to the right location\n" if (! -x $SNMPGET);
 	die "Could not find snmpset binary. Please make sure that the \$SNMPSET variable points to the right location\n" if (! -x $SNMPSET);
 Index: dialup_admin/bin/dialup_admin.cron
 ===================================================================
 --- dialup_admin/bin/dialup_admin.cron.orig	2010-06-21 21:15:56.000000000 +0200
 +++ dialup_admin/bin/dialup_admin.cron	2010-06-21 21:15:57.000000000 +0200
@@ -1,4 +1,4 @@
 -1 0 * * * /usr/local/dialup_admin/bin/tot_stats >/dev/null 2>&1
 -5 0 * * * /usr/local/dialup_admin/bin/monthly_tot_stats >/dev/null 2>&1
 -10 0 1 * * /usr/local/dialup_admin/bin/truncate_radacct >/dev/null 2>&1
 -15 0 1 * * /usr/local/dialup_admin/bin/clean_radacct >/dev/null 2>&1
 +1 0 * * * /usr/share/dialup_admin/bin/tot_stats >/dev/null 2>&1
 +5 0 * * * /usr/share/dialup_admin/bin/monthly_tot_stats >/dev/null 2>&1
 +10 0 1 * * /usr/share/dialup_admin/bin/truncate_radacct >/dev/null 2>&1
 +15 0 1 * * /usr/share/dialup_admin/bin/clean_radacct >/dev/null 2>&1
 Index: dialup_admin/bin/log_badlogins
 ===================================================================
 --- dialup_admin/bin/log_badlogins.orig	2010-06-21 21:15:56.000000000 +0200
 +++ dialup_admin/bin/log_badlogins	2010-06-21 21:15:57.000000000 +0200
@@ -18,7 +18,7 @@ use File::Temp;
 $|=1;
 $file=shift||'none';
 -$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
 +$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
 $all_file=shift||'no';
 #
 # Uncomment to force inserts even if there are sql errors. That can
 Index: dialup_admin/bin/monthly_tot_stats
 ===================================================================
 --- dialup_admin/bin/monthly_tot_stats.orig	2010-06-21 21:15:56.000000000 +0200
 +++ dialup_admin/bin/monthly_tot_stats	2010-06-21 21:15:57.000000000 +0200
@@ -9,7 +9,7 @@ use File::Temp;
 # Works only with mysql and postgresql
 #
 -$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
 +$conf=shift||'/usr/sharel/dialup_admin/conf/admin.conf';
 open CONF, "<$conf"
 Index: dialup_admin/bin/showmodem
 ===================================================================
 --- dialup_admin/bin/showmodem.orig	2010-06-21 21:15:56.000000000 +0200
 +++ dialup_admin/bin/showmodem	2010-06-21 21:15:57.000000000 +0200
@@ -7,7 +7,7 @@ $user=shift;
 $comm=shift || "public";
 $type=shift|| "xml";
 -$conf='/usr/local/dialup_admin/conf/admin.conf';
 +$conf='/usr/share/dialup_admin/conf/admin.conf';
 open CONF, "<$conf"
 	or die "Could not open configuration file\n";
 while(<CONF>){
 Index: dialup_admin/bin/snmpfinger
 ===================================================================
 --- dialup_admin/bin/snmpfinger.orig	2010-06-21 21:15:56.000000000 +0200
 +++ dialup_admin/bin/snmpfinger	2010-06-21 21:15:57.000000000 +0200
@@ -6,7 +6,7 @@ $host=shift;
 $comm=shift || 'public';
 $type=shift || 'cisco';
 -$conf='/usr/local/dialup_admin/conf/admin.conf';
 +$conf='/usr/share/dialup_admin/conf/admin.conf';
 open CONF, "<$conf"
 	or die "Could not open configuration file\n";
 while(<CONF>){
 Index: dialup_admin/bin/tot_stats
 ===================================================================
 --- dialup_admin/bin/tot_stats.orig	2010-06-21 21:15:56.000000000 +0200
 +++ dialup_admin/bin/tot_stats	2010-06-21 21:15:57.000000000 +0200
@@ -8,7 +8,7 @@ use File::Temp;
 # Works with mysql and postgresql
 #
 -$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
 +$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
 open CONF, "<$conf"
 Index: dialup_admin/bin/truncate_radacct
 ===================================================================
 --- dialup_admin/bin/truncate_radacct.orig	2010-06-21 21:15:56.000000000 +0200
 +++ dialup_admin/bin/truncate_radacct	2010-06-21 21:15:57.000000000 +0200
@@ -7,7 +7,7 @@
 use POSIX;
 use File::Temp;
 -$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
 +$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
 $back_days = 90;
 Index: dialup_admin/conf/admin.conf
 ===================================================================
 --- dialup_admin/conf/admin.conf.orig	2010-06-21 21:15:56.000000000 +0200
 +++ dialup_admin/conf/admin.conf	2010-06-21 21:15:57.000000000 +0200
@@ -19,11 +19,11 @@ general_charset: iso-8859-1
 #
 # The directory where dialupadmin is installed
 #
 -general_base_dir: /usr/local/dialup_admin
 +general_base_dir: /usr/share/dialup_admin
 #
 # The base directory of the freeradius radius installation
 #
 -general_radiusd_base_dir: /usr/local/radiusd
 +general_radiusd_base_dir: /
 general_domain: company.com
 #
 # Set it to yes to use sessions and cache the various mappings
@@ -66,8 +66,8 @@ general_show_user_password: yes
 general_raddb_dir: %{general_radiusd_base_dir}/etc/raddb
 general_ldap_attrmap: %{general_raddb_dir}/ldap.attrmap
 # Need to fix admin.conf file parser
 -#general_clients_conf: %{general_raddb_dir}/clients.conf
 -general_clients_conf: /usr/local/etc/raddb/clients.conf
 +general_clients_conf: %{general_raddb_dir}/clients.conf
 +#general_clients_conf: /usr/local/etc/raddb/clients.conf
 general_sql_attrmap: %{general_base_dir}/conf/sql.attrmap
 general_accounting_attrs_file: %{general_base_dir}/conf/accounting.attrs
 general_extra_ldap_attrmap: %{general_base_dir}/conf/extra.ldap-attrmap
@@ -260,7 +260,7 @@ sql_show_all_groups: true
 # This variable is used by the scripts in the bin folder
 # It should contain the path to the sql binary used to run
 # sql commands (mysql, psql, oracle and sqlrelay are only supported for now)
 -sql_command: /usr/local/bin/mysql
 +sql_command: /usr/bin/mysql
 #sql_command: /usr/bin/psql
 #sql_command: /usr/bin/sqlplus
 #
@@ -269,12 +269,12 @@ sql_command: /usr/local/bin/mysql
 # used to run snmp commands. 
 # (ucd = UCD-Snmp and net = Net-Snmp are only supported for now)
 general_snmp_type: net
 -general_snmpwalk_command: /usr/local/bin/snmpwalk
 -general_snmpget_command: /usr/local/bin/snmpget
 +general_snmpwalk_command: /usr/bin/snmpwalk
 +general_snmpget_command: /usr/bin/snmpget
 #
 # Uncomment to enable sql debug
 #
 -sql_debug: true
 +#sql_debug: true
 #
 # If set to yes then the HTTP credentials (http authentication)
 # will be used to connect to the sql server instead of sql_username
--- a/freeradius-server-2.1.6-rcradiusd.patch
+++ b/freeradius-server-2.1.6-rcradiusd.patch
@ -1,30 +1,13 @@
 Index: suse/rcradius-relayd
 ===================================================================
 --- suse/rcradius-relayd.orig	2010-06-21 21:15:56.000000000 +0200
 +++ suse/rcradius-relayd	2010-06-21 21:16:03.000000000 +0200
@@ -12,8 +12,8 @@
 #
 ### BEGIN INIT INFO
 # Provides:          radius-relayd
 -# Required-Start:    $network $syslog $remotefs
 -# Required-Stop:
 +# Required-Start:    $network $syslog $remote_fs
 +# Required-Stop:     $network $syslog $remote_fs
 # Default-Start:     3 5
 # Default-Stop:      0 1 2 6
 # Short-Description: RADIUS Relay Server
 Index: suse/rcradiusd
 ===================================================================
--- suse/rcradiusd.orig	2010-06-21 21:15:56.000000000 +0200
+--- suse/rcradiusd.orig	2013-10-15 18:18:25.099506165 +0200
-+++ suse/rcradiusd	2010-06-21 21:16:03.000000000 +0200
+++ suse/rcradiusd	2013-10-15 18:19:02.741895731 +0200
-@@ -12,8 +12,8 @@
+@@ -14,7 +14,7 @@
 #
 ### BEGIN INIT INFO
 # Provides:          radiusd
-# Required-Start:    $network $syslog $remotefs
+ # Required-Start:    $network $syslog $remotefs
-# Required-Stop:
+ # Should-Start:      $time ypbind smtp
-+# Required-Start:    $network $syslog $remote_fs
+-# Required-Stop:     $syslog $remote_fs
 +# Required-Stop:     $network $syslog $remote_fs
 # Should-Stop:       ypbind smtp
 # Default-Start:     3 5
 # Default-Stop:      0 1 2 6
 # Short-Description: RADIUS-Server
--- a/freeradius-server-2.2.0.tar.bz2
+++ b/freeradius-server-2.2.0.tar.bz2
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:ad3e58fe2a723cbaafb8ca87677382a84bfb16e81b24f0d9ded71355a0218d35
 size 2703349
--- a/freeradius-server-3.0.0.tar.bz2
+++ b/freeradius-server-3.0.0.tar.bz2
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:59ab4c376d0a77814b5e95eb610aed40cb8593365a33d196d7528bd6bece547b
 size 2628377
--- a/freeradius-server-3.0.0.tar.bz2.sig
+++ b/freeradius-server-3.0.0.tar.bz2.sig
--- a/freeradius-server-fix-cert-bootstrap.patch
+++ b/freeradius-server-fix-cert-bootstrap.patch
@ -1,17 +1,17 @@
-Index: freeradius-server-2.2.0/raddb/certs/Makefile
+Index: freeradius-server-3.0.0/raddb/certs/Makefile
 ===================================================================
--- freeradius-server-2.2.0.orig/raddb/certs/Makefile	2012-09-10 13:51:34.000000000 +0200
+--- freeradius-server-3.0.0.orig/raddb/certs/Makefile	2013-10-15 18:20:43.563939081 +0200
-+++ freeradius-server-2.2.0/raddb/certs/Makefile	2012-09-10 15:46:54.505208498 +0200
+++ freeradius-server-3.0.0/raddb/certs/Makefile	2013-10-15 18:21:35.382475281 +0200
@@ -51,7 +51,7 @@ dh:
 #  Create a new self-signed CA certificate
 #
 ######################################################################
-ca.key ca.pem: ca.cnf index.txt serial
+-ca.key ca.pem: ca.cnf
-+ca.key ca.pem: index.txt serial
+ca.key ca.pem:
 	@[ -f index.txt ] || $(MAKE) index.txt
 	@[ -f serial ] || $(MAKE) serial
 	openssl req -new -x509 -keyout ca.key -out ca.pem \
- 		-days $(CA_DEFAULT_DAYS) -config ./ca.cnf
+@@ -65,7 +65,7 @@ ca.der: ca.pem
@@ -63,7 +63,7 @@ ca.der: ca.pem
 #  Create a new server certificate, signed by the above CA.
 #
 ######################################################################
@ -20,7 +20,7 @@ Index: freeradius-server-2.2.0/raddb/certs/Makefile
 	openssl req -new  -out server.csr -keyout server.key -config ./server.cnf
 server.crt: server.csr ca.key ca.pem
-@@ -85,7 +85,7 @@ server.vrfy: ca.pem
+@@ -87,7 +87,7 @@ server.vrfy: ca.pem
 #  certificate.
 #
 ######################################################################
@ -29,10 +29,10 @@ Index: freeradius-server-2.2.0/raddb/certs/Makefile
 	openssl req -new  -out client.csr -keyout client.key -config ./client.cnf
 client.crt: client.csr ca.pem ca.key
-Index: freeradius-server-2.2.0/raddb/certs/bootstrap
+Index: freeradius-server-3.0.0/raddb/certs/bootstrap
 ===================================================================
--- freeradius-server-2.2.0.orig/raddb/certs/bootstrap	2012-09-10 13:51:34.000000000 +0200
+--- freeradius-server-3.0.0.orig/raddb/certs/bootstrap	2013-10-15 18:20:43.563939081 +0200
-+++ freeradius-server-2.2.0/raddb/certs/bootstrap	2012-11-10 15:34:07.926849849 +0100
+++ freeradius-server-3.0.0/raddb/certs/bootstrap	2013-10-15 18:20:45.669960874 +0200
@@ -21,7 +21,9 @@ make -h > /dev/null 2>&1
 #
 if [ "$?" = "0" ]; then
--- a/freeradius-server-initscript-pidfile.patch
+++ b/freeradius-server-initscript-pidfile.patch
@ -13,18 +13,3 @@ Index: freeradius-server-2.1.8/suse/rcradiusd
 	startproc $RADIUSD_BIN >/dev/null
 	rc_status -v	
 	;;
 Index: freeradius-server-2.1.8/suse/rcradius-relayd
 ===================================================================
 --- freeradius-server-2.1.8.orig/suse/rcradius-relayd	2010-05-03 15:37:35.000000000 +0200
 +++ freeradius-server-2.1.8/suse/rcradius-relayd	2010-05-03 15:38:58.000000000 +0200
@@ -31,6 +31,10 @@ rc_reset
 case "$1" in
     start)
 	echo -n "Starting RADIUS Relay daemon "
 +	# /var/run might be on tmpfs, create runtime directory if needed
 +	if [ ! -d /var/run/radiusd ]; then  
 +		install -d -m 0700 -g radiusd -o radiusd /var/run/radiusd
 +	fi
 	startproc $RADIUSD_BIN -s -n radrelay >/dev/null
 	rc_status -v	
 	;;
--- a/freeradius-server.changes
+++ b/freeradius-server.changes
@ -1,3 +1,23 @@
 -------------------------------------------------------------------
 Tue Oct 15 15:15:24 UTC 2013 - vcizek@suse.com
 - update to 3.0.0
  * new feature release
  * see /usr/share/doc/packages/freeradius-server/ChangeLog
    for complete list of changes in this release
  * documentation for upgrading from 2.x is in /etc/raddb/README.rst
 - drop oracle support (wasn't built anyway)
 - dropped patches (obsolete):
  * freeradius-server-2.1.6-codecleanup.patch
  * freeradius-server-2.1.6-dialup_admin.patch
  * freeradius-server-2.1.1-edirectory.patch
 - added systemd service unit
  * radiusd.service
 - added systemd-tmpfile for /var/run/radiusd
  * freeradius-tmpfiles.conf
 - added gpg-offline verification
  * freeradius-server.keyring
 -------------------------------------------------------------------
 Thu Sep  5 17:22:43 CEST 2013 - mls@suse.de
--- a/freeradius-server.keyring
+++ b/freeradius-server.keyring
@ -0,0 +1,15 @@
 pub   1024R/E402497D 2002-02-26
 uid                  Alan T. DeKok <aland@freeradius.org>
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: GnuPG v2.0.9 (GNU/Linux)
 mI0DPHvAUwAAAQQAurbJqE0YQ2rtnzGohprGUxg8Sp2daZ75BBGhtf7SYcn7GO+5
 T2JxVpAmuCtyCYf1LHlq8BlWLKmT9sFLDFTFtRl8X0tGwQ8kHZGmDZ4u7FKFiITH
 QIwIAhC8MUKbKCbj52qCSPX8EIiaSLye9Aihbnq5NOSyRm6rqS6Xi+QCSX0ABRG0
 JEFsYW4gVC4gRGVLb2sgPGFsYW5kQGZyZWVyYWRpdXMub3JnPokAlQMFEDx7wFOp
 LpeL5AJJfQEBe84D/A/FUpBe3J9BIWLxas9rRBRpHObyP0qdr271efbDMXXyd4ei
 DHMMh0lm0HbMNEppFs15itzPQucLmzFmoxyjQ2Qjs/aJ8TjZpZdq5K5hpgD24bqQ
 /4IWOmuisrQJzo1QvjudbEHnHnOSLHzkxSOQxs4XKtmtQopwcB5Z+PMx/RWS
 =keuR
 -----END PGP PUBLIC KEY BLOCK-----
--- a/freeradius-server.spec
+++ b/freeradius-server.spec
@ -16,35 +16,47 @@
 #
 %global with_sysvinit 0
 %if 0%{?suse_version} < 1310
 %global with_sysvinit 1
 %endif
 Name:           freeradius-server
-Version:        2.2.0
+%define unitname radiusd
 Version:        3.0.0
 Release:        0
 Summary:        Very Highly Configurable Radius Server
 License:        GPL-2.0 and LGPL-2.1
 Group:          Productivity/Networking/Radius/Servers
 Url:            http://www.freeradius.org/
-Source:         %{name}-%{version}.tar.bz2
+Source:         ftp://ftp.freeradius.org/pub/freeradius/%{name}-%{version}.tar.bz2
-Patch1:         freeradius-server-2.1.6-dialup_admin.patch
+Source1:        radiusd.service
 Source2:        freeradius-tmpfiles.conf
 Source10:       ftp://ftp.freeradius.org/pub/freeradius/%{name}-%{version}.tar.bz2.sig
 Source11:       %{name}.keyring
 Patch2:         freeradius-server-2.1.6-rcradiusd.patch
 Patch3:         freeradius-server-2.1.6-codecleanup.patch
 Patch7:         freeradius-server-fix-cert-bootstrap.patch
 Patch8:         freeradius-server-initscript-pidfile.patch
 Patch9:         freeradius-server-radius-reload-logrotate.patch
 # PATCH-FIX-UPSTREAM edirectory ldap extensions (bnc#720620)
 Patch11:        freeradius-server-2.1.1-edirectory.patch
 # PATCH-FIX-SUSE use 'su' logrotate option (bnc#677335)
 Patch12:        freeradius-server-2.1.1-logrotate_su.patch
 BuildRequires:  apache2-devel
 BuildRequires:  cyrus-sasl-devel
 BuildRequires:  db-devel
 BuildRequires:  freetds-devel
 BuildRequires:  gcc-c++
 BuildRequires:  gdbm-devel
 BuildRequires:  gettext-devel
 BuildRequires:  glibc-devel
 BuildRequires:  gpg-offline
 BuildRequires:  krb5-devel
 BuildRequires:  libcom_err-devel
 BuildRequires:  libcurl-devel
 BuildRequires:  libidn-devel
 BuildRequires:  libjson-devel
 BuildRequires:  libmysqlclient-devel
 BuildRequires:  libpcap-devel
 BuildRequires:  libtalloc-devel
 BuildRequires:  libtool
 BuildRequires:  ncurses-devel
 BuildRequires:  net-snmp-devel
@ -54,16 +66,21 @@ BuildRequires:  pam-devel
 BuildRequires:  perl
 BuildRequires:  postgresql-devel
 BuildRequires:  python-devel
 BuildRequires:  ruby-devel
 BuildRequires:  sqlite3-devel
 BuildRequires:  unixODBC-devel
 BuildRequires:  pkgconfig(apr-1)
 %if 0%{?suse_version} > 1140
 BuildRequires:  systemd
 %endif
 %{?systemd_requires}
 PreReq:         %fillup_prereq
 PreReq:         %insserv_prereq
 PreReq:         coreutils
 PreReq:         openssl
 PreReq:         perl
 PreReq:         pwdutils
 %define _oracle_support 0
 %define apxs2 apxs2-prefork
 %define apache2_sysconfdir %(%{_sbindir}/%{apxs2} -q SYSCONFDIR)
 Requires:       %{name}-libs = %{version}
@ -91,28 +108,6 @@ features are:
 * Accounting methods
 %if %_oracle_support == 1
 %package oracle
 Summary:        FreeRADIUS Oracle database support
 Group:          Productivity/Networking/Radius/Servers
 BuildRequires:  oracle-instantclient-basic
 BuildRequires:  oracle-instantclient-devel
 Requires:       %{name} = %{version}
 Requires:       %{name}-libs = %{version}
 Requires:       oracle-instantclient-basic
 %description oracle
 The FreeRADIUS server has a number of features found in other servers,
 and additional features not found in any other server. Rather than
 doing a feature by feature comparison, we will simply list the features
 of the server, and let you decide if they satisfy your needs.
 Support for RFC and VSA Attributes Additional server configuration
 attributes Selecting a particular configuration Authentication methods
 %endif
 %package libs
 Summary:        FreeRADIUS shared library
 Group:          Productivity/Networking/Radius/Servers
@ -140,23 +135,6 @@ features are:
 * Accounting methods
 %package dialupadmin
 Summary:        Web management for FreeRADIUS
 Group:          Productivity/Networking/Radius/Servers
 Requires:       http_daemon
 Requires:       mod_php_any
 Requires:       perl-Date-Manip
 Requires:       php
 Requires:       php-ldap
 Requires:       php-mysql
 Requires:       php-pgsql
 Requires:       php-session
 %description dialupadmin
 Dialup Admin supports users either in SQL (MySQL or PostgreSQL are
 supported) or in LDAP. Apart from the web pages, it also includes a
 number of scripts to make the administrator's life a lot easier.
 %package devel
 Summary:        FreeRADIUS Development Files (static libs)
 Group:          Development/Libraries/C and C++
@ -173,15 +151,79 @@ Requires:       %{name}
 %description doc
 This package contains FreeRADIUS Documentation
 %package ldap
 Summary:        LDAP support for freeradius
 Group:          System Environment/Daemons
 Requires:       %{name} = %{version}
 BuildRequires:  openldap2-devel
 %description ldap
 This plugin provides the LDAP support for the FreeRADIUS server project.
 %package krb5
 Summary:        Kerberos 5 support for freeradius
 Group:          System Environment/Daemons
 Requires:       %{name} = %{version}
 BuildRequires:  krb5-devel
 %description krb5
 This plugin provides the Kerberos 5 support for the FreeRADIUS server project.
 %package perl
 Summary:        Perl support for freeradius
 Group:          System Environment/Daemons
 Requires:       %{name} = %{version}
 Requires:       perl
 BuildRequires:  perl
 BuildRequires:  perl(ExtUtils::Embed)
 %description perl
 This plugin provides the Perl support for the FreeRADIUS server project.
 %package python
 Summary:        Python support for freeradius
 Group:          System Environment/Daemons
 Requires:       %{name} = %{version}
 BuildRequires:  python-devel
 %description python
 This plugin provides the Python support for the FreeRADIUS server project.
 %package mysql
 Summary:        MySQL support for freeradius
 Group:          System Environment/Daemons
 Requires:       %{name} = %{version}
 BuildRequires:  mysql-devel
 %description mysql
 This plugin provides the MySQL support for the FreeRADIUS server project.
 %package postgresql
 Summary:        Postgresql support for freeradius
 Group:          System Environment/Daemons
 Requires:       %{name} = %{version}
 BuildRequires:  postgresql-devel
 %description postgresql
 This plugin provides the postgresql support for the FreeRADIUS server project.
 %package sqlite
 Summary:        SQLite support for freeradius
 Group:          System Environment/Daemons
 Requires:       %{name} = %{version}
 BuildRequires:  sqlite-devel
 %description sqlite
 This plugin provides the SQLite support for the FreeRADIUS server project.
 %prep
 %gpg_verify %{S:10}
 %setup -q
 %patch1
 %patch2
 %patch3
 %patch7 -p1
 %patch8 -p1
 %patch9 -p1
 %patch11 -p0
 %patch12 -p1
 %build
@ -196,6 +238,7 @@ export CFLAGS="%{optflags} -DLDAP_DEPRECATED -fstack-protector"
 %ifarch x86_64 ppc ppc64 s390 s390x %arm
 export CFLAGS="$CFLAGS -fPIC -DPIC"
 %endif
  #--without-rlm_ruby \
 export LDFLAGS="-pie"
 %configure \
  --disable-static \
@ -216,15 +259,11 @@ export LDFLAGS="-pie"
  --without-rlm_sql_db2 \
  --without-rlm_sql_firebird \
  --without-rlm_sql_iodbc \
-  --without-rlm_ruby \
+  --without-rlm_tralalala \
  --without-rlm_redis \
  --without-rlm_rediswho \
-%if %{_oracle_support} == 1
+  --without-rlm_sql_oracle \
-  --with-rlm_sql_oracle \
+  --without-rlm_securid
  --with-oracle-lib-dir=%{_libdir}/oracle/10.1.0.3/client/lib/
 %else
  --without-rlm_sql_oracle
 %endif
 # no parallel build possible
 make
@ -241,6 +280,10 @@ perl -i -pe 's/^#group =.*$/group = radiusd/' $RADDB/radrelay.conf
 # logs
 touch %{buildroot}%{_localstatedir}/log/radius/radutmp
 touch %{buildroot}%{_localstatedir}/log/radius/radius.log
 mkdir -p %{buildroot}/usr/lib/tmpfiles.d
 mkdir -p %{buildroot}%{_localstatedir}/run/
 install -d -m 0710 %{buildroot}%{_localstatedir}/run/radiusd/
 install -m 0644 %{SOURCE2} %{buildroot}/usr/lib/tmpfiles.d/radiusd.conf
 # SuSE
 install -d     %{buildroot}%{_sysconfdir}/pam.d
 install -d     %{buildroot}%{_sysconfdir}/logrotate.d
@ -250,44 +293,71 @@ install -d -m 755 %{buildroot}%{_sysconfdir}/init.d
 install    -m 744 suse/rcradiusd %{buildroot}%{_sysconfdir}/init.d/freeradius
 ln -sf ../..%{_sysconfdir}/init.d/freeradius %{buildroot}%{_sbindir}/rcfreeradius
 cp -al %{buildroot}%{_sbindir}/radiusd %{buildroot}%{_sbindir}/radrelay
 install    -m 744 suse/rcradius-relayd %{buildroot}%{_sysconfdir}/init.d/freeradius-relay
 ln -sf ../..%{_sysconfdir}/init.d/freeradius-relay %{buildroot}%{_sbindir}/rcfreeradius-relay
 mv -v doc/README doc/README.doc
 # install dialup_admin
 DIALUPADMIN=%{buildroot}%{_datadir}/dialup_admin
 mkdir -p $DIALUPADMIN
 cp -r dialup_admin/* %{buildroot}%{_datadir}/dialup_admin
 # apache2 config
 install -d -m 755 %{buildroot}%{apache2_sysconfdir}/conf.d
 install -m 644 suse/admin-httpd.conf %{buildroot}%{apache2_sysconfdir}/conf.d/radius.conf
 # remove unneeded stuff
 rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/*.crt
 rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/*.csr
 rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/*.der
 rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/*.key
 rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/*.pem
 rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/*.p12
 rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/index.*
 rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/serial*
 rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/dh
 rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/random
 rm -rf doc/00-OLD
 rm -rf doc/.gitignore
 rm -rf doc/source/.gitignore
 rm -f %{buildroot}%{_sbindir}/rc.radiusd
 rm -rf %{buildroot}%{_datadir}/doc/freeradius*
 rm -rf %{buildroot}%{_libdir}/freeradius/*.*a
 rm -f %{buildroot}%{_datadir}/dialup_admin/Makefile
 rm -f %{buildroot}%{_defaultdocdir}/%{name}/Makefile
 rm -f %{buildroot}%{_defaultdocdir}/%{name}/examples/Makefile
 rm -rf $RPM_BUILD_ROOT/etc/raddb/mods-config/sql/main/mssql
 rm -rf $RPM_BUILD_ROOT/etc/raddb/mods-config/sql/ippool/oracle
 rm -rf $RPM_BUILD_ROOT/etc/raddb/mods-config/sql/main/oracle
 %pre
 %{_sbindir}/groupadd -r radiusd 2> /dev/null || :
 %{_sbindir}/useradd -r -g radiusd -s /bin/false -c "Radius daemon" -d \
                  %{_localstatedir}/lib/radiusd radiusd 2> /dev/null || :
 %if 0%{?suse_version} > 1140
 %service_add_pre %{unitname}.service
 %endif
 %post
 # Generate default certificates
 if [ $1 -eq 1 ]; then
-	/etc/raddb/certs/bootstrap
+	%{_sysconfdir}/raddb/certs/bootstrap
 fi
-chgrp radiusd /etc/raddb/certs/*
+chgrp radiusd %{_sysconfdir}/raddb/certs/*
-%{fillup_and_insserv freeradius}
+
 %if %{with_sysvinit}
 %fillup_and_insserv freeradius
 %endif
 %if 0%{?suse_version} > 1140
 %service_add_post %{unitname}.service
 %endif
 %preun
 %if %{with_sysvinit}
 %stop_on_removal freeradius
 %endif
 %if 0%{?suse_version} > 1140
 %service_del_preun %{unitname}.service
 %endif
 %postun
 %if %{with_sysvinit}
 %insserv_cleanup
 %restart_on_update freeradius
-%{insserv_cleanup}
+%endif
 %if 0%{?suse_version} > 1140
 %service_del_postun %{unitname}.service
 %endif
 %clean
 rm -rf %{buildroot}
@ -300,47 +370,24 @@ rm -rf %{buildroot}
 %defattr(-,root,root)
 # doc
 %doc suse/README.SuSE
-%doc COPYRIGHT CREDITS LICENSE README doc/ChangeLog
+%doc COPYRIGHT CREDITS LICENSE doc/ChangeLog
 # SuSE
 %{_sysconfdir}/init.d/freeradius
 %{_sysconfdir}/init.d/freeradius-relay
 %config %{_sysconfdir}/pam.d/radiusd
 %config %{_sysconfdir}/logrotate.d/radiusd
 %{_sbindir}/rcfreeradius
 %{_sbindir}/rcfreeradius-relay
 %dir %attr(755,radiusd,radiusd) %{_localstatedir}/lib/radiusd
 # configs
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/trigger.conf
 %defattr(-,root,radiusd)
 %{_sysconfdir}/raddb/README.rst
 %config(noreplace) %{_sysconfdir}/raddb/dictionary
 %config(noreplace) %{_sysconfdir}/raddb/acct_users
 %config(noreplace) %{_sysconfdir}/raddb/attrs
 %config(noreplace) %{_sysconfdir}/raddb/attrs.access_reject
 %config(noreplace) %{_sysconfdir}/raddb/attrs.accounting_response
 %config(noreplace) %{_sysconfdir}/raddb/attrs.pre-proxy
 %config(noreplace) %{_sysconfdir}/raddb/attrs.access_challenge
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/clients.conf
 %config(noreplace) %{_sysconfdir}/raddb/hints
 %config(noreplace) %{_sysconfdir}/raddb/huntgroups
 %config(noreplace) %{_sysconfdir}/raddb/ldap.attrmap
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sqlippool.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/preproxy_users
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/proxy.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/radiusd.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql.conf
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/modules
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/modules/*
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/mssql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/mysql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/oracle
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/postgresql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/ndb
 %{_sysconfdir}/raddb/sql/ndb/README
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql/*/*.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql/*/*.sql
 %{_sysconfdir}/raddb/sql/oracle/msqlippool.txt
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/users
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/experimental.conf
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/certs
 %{_sysconfdir}/raddb/certs/Makefile
@ -348,14 +395,160 @@ rm -rf %{buildroot}
 %{_sysconfdir}/raddb/certs/xpextensions
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/certs/*.cnf
 %attr(750,root,radiusd) %{_sysconfdir}/raddb/certs/bootstrap
 %config /usr/lib/tmpfiles.d/radiusd.conf
 # mods-config
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config
 %{_sysconfdir}/raddb/mods-config/README.rst
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/attr_filter
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/attr_filter/*
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/ruby
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/ruby/*
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/files
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/files/*
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/preprocess
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/preprocess/*
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/counter
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/cui
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool-dhcp
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main
 # sites-available
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sites-available
-%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/*
+%{_sysconfdir}/raddb/sites-available/README
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/control-socket
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/decoupled-accounting
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/robust-proxy-accounting
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/soh
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/coa
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/example
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/inner-tunnel
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/dhcp
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/check-eap-tls
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/status
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/dhcp.relay
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/virtual.example.com
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/originate-coa
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/vmps
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/default
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/proxy-inner-tunnel
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/dynamic-clients
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/copy-acct-to-home-server
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/buffered-sql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/tls
 # sites-enabled
 # symlink: %{_sysconfdir}/raddb/sites-enabled/xxx -> ../sites-available/xxx
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sites-enabled
-%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-enabled/*
+%config(missingok) %{_sysconfdir}/raddb/sites-enabled/inner-tunnel
-%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/eap.conf
+%config(missingok) %{_sysconfdir}/raddb/sites-enabled/default
-%attr(640,root,radiusd) %{_sysconfdir}/raddb/example.pl
+
-%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.conf
+# mods-available
-%{_sysconfdir}/raddb/policy.txt
+%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-available
 %{_sysconfdir}/raddb/mods-available/README.rst
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/always
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/attr_filter
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/cache
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/cache_eap
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/chap
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/counter
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/cui
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/detail
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/detail.example.com
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/detail.log
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/dhcp
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/dhcp_sqlippool
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/digest
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/dynamic_clients
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/eap
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/echo
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available%{_sysconfdir}_group
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/exec
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/expiration
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/expr
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/files
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/idn
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/inner-eap
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/ippool
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/linelog
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/logintime
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/mac2ip
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/mac2vlan
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/mschap
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/ntlm_auth
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/opendirectory
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/otp
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/pam
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/pap
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/passwd
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/preprocess
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/python
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/radutmp
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/realm
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/redis
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/rediswho
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/replicate
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/rest
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/smbpasswd
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/smsotp
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/soh
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/sometimes
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/sql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/sqlippool
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/sradutmp
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/unix
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/utf8
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/wimax
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/yubikey
 # mods-enabled
 # symlink: %{_sysconfdir}/raddb/mods-enabled/xxx -> ../mods-available/xxx
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-enabled
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/always
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/attr_filter
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/cache_eap
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/chap
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/detail
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/detail.log
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/dhcp
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/digest
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/dynamic_clients
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/eap
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/echo
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/exec
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/expiration
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/expr
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/files
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/linelog
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/logintime
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/mschap
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/ntlm_auth
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/pap
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/passwd
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/preprocess
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/radutmp
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/realm
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/replicate
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/soh
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/sradutmp
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/unix
 %config(missingok) %{_sysconfdir}/raddb/mods-enabled/utf8
 # policy
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/policy.d
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/accounting
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/canonicalization
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/control
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/cui
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/dhcp
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/eap
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/filter
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/operator-name
 %config(noreplace) %{_sysconfdir}/raddb/users
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/templates.conf
 %attr(700,radiusd,radiusd) %dir %ghost %{_localstatedir}/run/radiusd/
 # binaries
@ -364,7 +557,6 @@ rm -rf %{buildroot}
 %{_sbindir}/radiusd
 %{_sbindir}/radmin
 %{_sbindir}/radrelay
 %{_sbindir}/radwatch
 %{_sbindir}/raddebug
 # man-pages
 %doc %{_mandir}/man5/*
@ -377,9 +569,65 @@ rm -rf %{buildroot}
 %attr(700,radiusd,radiusd) %dir %{_localstatedir}/log/radius/radacct/
 %attr(644,radiusd,radiusd) %{_localstatedir}/log/radius/radutmp
 %config(noreplace) %attr(600,radiusd,radiusd) %{_localstatedir}/log/radius/radius.log
-# RADIUS Loadable Modules
+
-%attr(755,root,root) %dir %{_libdir}/freeradius
+# loadable modules
-%attr(755,root,root) %{_libdir}/freeradius/rlm_*.so*
+%dir %attr(755,root,root) %{_libdir}/freeradius
 %{_libdir}/freeradius/proto_dhcp.so
 %{_libdir}/freeradius/proto_vmps.so
 %{_libdir}/freeradius/rlm_always.so
 %{_libdir}/freeradius/rlm_attr_filter.so
 %{_libdir}/freeradius/rlm_cache.so
 %{_libdir}/freeradius/rlm_chap.so
 %{_libdir}/freeradius/rlm_counter.so
 %{_libdir}/freeradius/rlm_cram.so
 %{_libdir}/freeradius/rlm_detail.so
 %{_libdir}/freeradius/rlm_dhcp.so
 %{_libdir}/freeradius/rlm_digest.so
 %{_libdir}/freeradius/rlm_dynamic_clients.so
 %{_libdir}/freeradius/rlm_eap.so
 %{_libdir}/freeradius/rlm_eap_gtc.so
 %{_libdir}/freeradius/rlm_eap_leap.so
 %{_libdir}/freeradius/rlm_eap_md5.so
 %{_libdir}/freeradius/rlm_eap_mschapv2.so
 %{_libdir}/freeradius/rlm_eap_peap.so
 %{_libdir}/freeradius/rlm_eap_pwd.so
 %{_libdir}/freeradius/rlm_eap_sim.so
 %{_libdir}/freeradius/rlm_eap_tls.so
 %{_libdir}/freeradius/rlm_eap_ttls.so
 %{_libdir}/freeradius/rlm_exec.so
 %{_libdir}/freeradius/rlm_expiration.so
 %{_libdir}/freeradius/rlm_expr.so
 %{_libdir}/freeradius/rlm_files.so
 %{_libdir}/freeradius/rlm_ippool.so
 %{_libdir}/freeradius/rlm_linelog.so
 %{_libdir}/freeradius/rlm_logintime.so
 %{_libdir}/freeradius/rlm_mschap.so
 %{_libdir}/freeradius/rlm_otp.so
 %{_libdir}/freeradius/rlm_pam.so
 %{_libdir}/freeradius/rlm_pap.so
 %{_libdir}/freeradius/rlm_passwd.so
 %{_libdir}/freeradius/rlm_preprocess.so
 %{_libdir}/freeradius/rlm_radutmp.so
 %{_libdir}/freeradius/rlm_realm.so
 %{_libdir}/freeradius/rlm_replicate.so
 %{_libdir}/freeradius/rlm_soh.so
 %{_libdir}/freeradius/rlm_sometimes.so
 %{_libdir}/freeradius/rlm_sql.so
 %{_libdir}/freeradius/rlm_sqlcounter.so
 %{_libdir}/freeradius/rlm_sqlippool.so
 %{_libdir}/freeradius/rlm_sql_null.so
 %{_libdir}/freeradius/rlm_unix.so
 %{_libdir}/freeradius/rlm_utf8.so
 %{_libdir}/freeradius/rlm_wimax.so
 %{_libdir}/freeradius/rlm_yubikey.so
 %{_libdir}/freeradius/rlm_example.so
 %{_libdir}/freeradius/rlm_idn.so
 %{_libdir}/freeradius/rlm_rest.so
 %{_libdir}/freeradius/rlm_ruby.so
 %{_libdir}/freeradius/rlm_smsotp.so
 %{_libdir}/freeradius/rlm_sql_freetds.so
 %{_libdir}/freeradius/rlm_sql_unixodbc.so
 %{_libdir}/freeradius/rlm_sqlhpwippool.so
 %files utils
 %defattr(-,root,root)
@ -391,33 +639,105 @@ rm -rf %{buildroot}
 # RADIUS shared libs
 %attr(755,root,root) %dir %{_libdir}/freeradius
 %attr(755,root,root) %{_libdir}/freeradius/lib*.so*
 %if %{_oracle_support} == 1
 %files oracle
 %defattr(-,radiusd,radiusd)
 %attr(755,root,root) %dir %{_libdir}/freeradius
 %attr(755,root,root) %{_libdir}/freeradius/rlm_sql_oracle*.so*
 %endif
 %files dialupadmin
 %defattr(-,root,root)
 %dir %{_datadir}/dialup_admin/
 %{_datadir}/dialup_admin/bin/
 %{_datadir}/dialup_admin/doc/
 %{_datadir}/dialup_admin/htdocs/
 %{_datadir}/dialup_admin/html/
 %{_datadir}/dialup_admin/lib/
 %{_datadir}/dialup_admin/sql/
 %dir %{_datadir}/dialup_admin/conf/
 %config(noreplace) %{_datadir}/dialup_admin/conf/*
 %dir %{apache2_sysconfdir}/conf.d
 %config(noreplace) %{apache2_sysconfdir}/conf.d/radius.conf
 %{_datadir}/dialup_admin/Changelog
 %{_datadir}/dialup_admin/README
 %files devel
 %defattr(-,root,root)
 %dir %attr(755,root,root) %{_includedir}/freeradius
 %attr(644,root,root) %{_includedir}/freeradius/*.h
 %files krb5
 %{_libdir}/freeradius/rlm_krb5.so
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/krb5
 %files perl
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/perl
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/perl
 %{_sysconfdir}/raddb/mods-config/perl/example.pl
 %{_libdir}/freeradius/rlm_perl.so
 %files python
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/python
 %{_sysconfdir}/raddb/mods-config/python/example.py*
 %{_libdir}/freeradius/rlm_python.so
 %files mysql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/counter/mysql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/counter/mysql/queries.conf
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/cui/mysql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/cui/mysql/queries.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/cui/mysql/schema.sql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool/mysql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool/mysql/queries.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool/mysql/schema.sql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool-dhcp/mysql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool-dhcp/mysql/queries.conf
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main/mysql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/mysql/setup.sql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/mysql/queries.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/mysql/schema.sql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main/mysql/extras
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main/mysql/extras/wimax
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/mysql/extras/wimax/queries.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/mysql/extras/wimax/schema.sql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main/ndb
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/ndb/setup.sql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/ndb/schema.sql
 %{_sysconfdir}/raddb/mods-config/sql/main/ndb/README
 %{_libdir}/freeradius/rlm_sql_mysql.so
 %files postgresql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/counter/postgresql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/counter/postgresql/queries.conf
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/cui/postgresql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/cui/postgresql/queries.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/cui/postgresql/schema.sql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool/postgresql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool/postgresql/queries.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool/postgresql/schema.sql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql/setup.sql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql/queries.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql/schema.sql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql/extras
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql/extras/update_radacct_group.sql
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql/extras/voip-postpaid.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql/extras/cisco_h323_db_schema.sql
 %{_libdir}/freeradius/rlm_sql_postgresql.so
 %files sqlite
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/cui/sqlite
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/cui/sqlite/queries.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/cui/sqlite/schema.sql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool/sqlite
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool/sqlite/queries.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool/sqlite/schema.sql
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool-dhcp/sqlite
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool-dhcp/sqlite/queries.conf
 %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main/sqlite
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/sqlite/queries.conf
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/sqlite/schema.sql
 %{_libdir}/freeradius/rlm_sql_sqlite.so
 %files ldap
 %{_libdir}/freeradius/rlm_ldap.so
 %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/ldap
 %changelog
--- a/freeradius-tmpfiles.conf
+++ b/freeradius-tmpfiles.conf
@ -0,0 +1 @@
 D /var/run/radiusd 0710 radiusd radiusd -
--- a/radiusd.service
+++ b/radiusd.service
@ -0,0 +1,15 @@
 [Unit]
 Description=FreeRADIUS high performance RADIUS server.
 After=syslog.target network.target
 [Service]
 Type=forking
 PIDFile=/var/run/radiusd/radiusd.pid
 ExecStartPre=-/bin/chown -R radiusd.radiusd /var/run/radiusd
 ExecStartPre=/usr/sbin/radiusd -C
 ExecStart=/usr/sbin/radiusd -d /etc/raddb
 ExecReload=/usr/sbin/radiusd -C
 ExecReload=/bin/kill -HUP $MAINPID
 [Install]
 WantedBy=multi-user.target