freeradius-server/freeradius-server-radiusd-logrotate.patch
Adam Majer 44d1db1d6e Accepting request 499628 from home:adamm:branches:network
- update to 3.0.14 (still FATE#322416)
  
  Feature improvements
  * Enforce TLS client certificate expiration on session resumption,
    and Session-Timeout. See CVE-2017-9148 (bnc#1041445)
  * Updated dictionary.cisco.vpn3000, dictionary.patton
  * Added dictionary.dellemc
  * Lowered the log output for failed PEAP sessions.
  * ALlow utc in rlm_date.
  * The internal OpenSSL session cache has been disabled.
    Please see mods-available/eap
  * Update detail reader documentation.
  * Make outgoing RadSec connections non-blocking.
  * Add SQL backing to Moonshot-*-TargetedId generation.
  Bug Fixes
  * radtest uses Cleartext-Password for EAP, not User-Password.
  * Update documentation for mods-enabled/ linking.
  * Enhanced checks for moonshot salt.
  * Allow session resumption for RadSec connections.
  * Update "huntgroups" file to note that port ranges are not supported
  * Fix OpenSSL permissions issues on default key files.
  * Certificates are not required when PSK is used.
  * Allow SubjectAltName as first extension in cert.
  * Fixed talloc issue with TLS session resumption.
  * "&Attr-26 := 0x01" now produces useful error messages.
  * Handle connection error in rlm_ldap_cacheable_groupobj.
  * Fix endian issues in DHCP.
  * Multiple minor fixes for Coverity complaints.
  * Handle unexpected regex.
  * Fix minor issues in dictionaries.
  * Fix typos and grammar. Patches from Alan Buxey.
  * Fix erroneous VP creation in rlm_preproces.
  * Fix MIB. Patch from Jeff Gehlbach.
  * Trust router updates from Alejandro Perez.
  * Allow build with LibreSSL.
  * Use correct packet for channel bindings.
  * Many fixes found by PVS-Studio. Thanks to PVS-Studio for giving us
    a test license. Please see the git commit history for more info.
  * Fix incorrect length check in EAP-PWD. This may be exploitable.
  * Stop rotating session database files (radutmp, radwtmp) since
    these are not logfiles.
- freeradius-server-radiusd-logrotate.patch: updated

OBS-URL: https://build.opensuse.org/request/show/499628
OBS-URL: https://build.opensuse.org/package/show/network/freeradius-server?expand=0&rev=98
2017-05-30 09:15:48 +00:00

40 lines
959 B
Diff

Index: freeradius-server-3.0.14/suse/radiusd-logrotate
===================================================================
--- freeradius-server-3.0.14.orig/suse/radiusd-logrotate
+++ freeradius-server-3.0.14/suse/radiusd-logrotate
@@ -16,13 +16,18 @@ notifempty
# The main server log
#
/var/log/radius/radius.log {
+ su radiusd radiusd
copytruncate
+ postrotate
+ kill -HUP `cat /run/radiusd/radiusd.pid` || :
+ endscript
}
#
# Session monitoring utilities
#
/var/log/radius/checkrad.log /var/log/radius/radwatch.log {
+ su radiusd radiusd
nocreate
size=+1024k
}
@@ -31,6 +36,7 @@ notifempty
# SQL log files
#
/var/log/radius/sqllog.sql {
+ su radiusd radiusd
nocreate
size=+2048k
}
@@ -43,6 +49,7 @@ notifempty
# second technique, you will need another cron job that removes old
# detail files. You do not need to comment out the below for method #2.
/var/log/radius/radacct/*/detail {
+ su radiusd radiusd
nocreate
}