1
0

- freeradius-server-radiusd-logrotate.patch: move logrotate

options into specific parts for each log as "global" options
  will persist past and clobber global options in the
  main logrotate config (bsc#1180525)

OBS-URL: https://build.opensuse.org/package/show/network/freeradius-server?expand=0&rev=147
This commit is contained in:
Adam Majer 2021-10-07 15:45:35 +00:00 committed by Git OBS Bridge
parent 91edf028a2
commit 09dea27b0a
7 changed files with 65 additions and 115 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:08ce42bf0ec217704ca163619c06efcae8a6d6a8ae7a626d77da9a6fd210e235
size 3381917

Binary file not shown.

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7bb0f25bec869f71f81ff6ce0be13181ac75394857e919382220240f3b6f52ef
size 3400689

Binary file not shown.

View File

@ -1,74 +0,0 @@
Index: freeradius-server-3.0.21/suse/radiusd-logrotate
===================================================================
--- freeradius-server-3.0.21.orig/suse/radiusd-logrotate
+++ freeradius-server-3.0.21/suse/radiusd-logrotate
@@ -2,39 +2,33 @@
# it to /etc/logrotate.d/radiusd
#
-# Global options for all files
-#
-dateext
-maxage 365
-rotate 99
-missingok
-compress
-delaycompress
-notifempty
-su radiusd radiusd
-
-#
# The main server log
#
/var/log/radius/radius.log {
+ dateext
+ maxage 365
+ rotate 99
+ missingok
+ compress
+ delaycompress
+ notifempty
+
+ su radiusd radiusd
copytruncate
+ postrotate
+ kill -HUP `cat /run/radiusd/radiusd.pid` || :
+ endscript
}
#
# Session monitoring utilities
#
-/var/log/radius/checkrad.log /var/log/radius/radwatch.log {
- nocreate
- size=+1024k
-}
+/var/log/radius/checkrad.log /var/log/radius/radwatch.log
#
# SQL log files
#
-/var/log/radius/sqllog.sql {
- nocreate
- size=+2048k
-}
+/var/log/radius/sqllog.sql
# There are different detail-rotating strategies you can use. One is
# to write to a single detail file per IP and use the rotate config
@@ -44,6 +38,15 @@ su radiusd radiusd
# second technique, you will need another cron job that removes old
# detail files. You do not need to comment out the below for method #2.
/var/log/radius/radacct/*/detail {
+ dateext
+ maxage 365
+ rotate 99
+ missingok
+ compress
+ delaycompress
+ notifempty
+ size 1M
+ su radiusd radiusd
nocreate
}

View File

@ -1,3 +1,61 @@
-------------------------------------------------------------------
Thu Oct 7 15:02:11 UTC 2021 - Adam Majer <adam.majer@suse.de>
- Update to version 3.0.24 (jsc#SLE-21237)
Feature Improvements
* Add sanitizer options to configure script.
* Log information needed by Wireshark to decode TLS sessions.
* Allow more liberal SQL commands in rlm_sql_map.
* Update dictionary.apc, dictionary.h3c.
* Add new Acct-Status-Type Subsystem-On and Subsystem-Off See
dictionary.iana and
https://freeradius.org/rfc/acct_status_type_subsystem.html.
* Add reject_unknown_intermediate_ca. See mods-available/eap.
* Add dynamic loading of certificates via TLS-Session-Cert-File
See raddb/certs/realms/README.md.
* Add Server Name Indication (SNI) for outbound RadSec connections
See raddb/sites-available/tls, and the home server tls
configuration.
* Support SNI for inbound RadSec connections. Certificates will be
loaded from "realm_dir" in the "tls" section. SNI will be cached
in the TLS-Server-Name-Indication attribute.
* Preliminary support for haproxy "PROXY" protocol See sites-available/tls,
"proxy_protocol" and doc/antora/modules/howto/pages/protocols/proxy/.
* Generate parse errors in more circumstances when we know that
the configuration is wrong.
* Add "weeklycounter" to sample sqlcounter configuration.
* Add certificate attributes to the request list, even if
the certificates have expired.
* The Simultaneous-Use code is now IPv6 aware, and can deal
with NAS-IPv6-Address.
* Add dictionary.cambium.
Bug Fixes
* Fix crash in trustrouter module (#4115)
* Fix crash in state handling.
* Don't alter global options in redhat logrotate scripts.
* EAP-FAST will print errors and continue, rather than exiting
when OpenSSL fails various internal sanity checks.
* Allow admin to manually change core limits, even when core
limits are disabled.
* Fix chunked rlm_rest HTTP body. Closes #4131
* Many fixes around the SQL ippool queries.conf and schema
* Fix MySQL stored procedures. PR #4170
* Rework connection pool management for corner cases Fixes #4161, #4162, #4163.
* Final fix for double free in #3188.
* Fix sqlcounter wrong memory free. PR #4192
* Accept slow writes from proxies over TCP, which allows the server
to make more progress when it receives partial packets.
* Add 'weeklycounter' for rlm_sqlcounter.
* Outbound proxying over TCP / TLS is better able to deal with
partial TCP reads, and has fewer issues with slow networks.
* Fix wrong data-type of Acct-Delay-Time in rlm_unix.
* Fix EAP-FAST PAC lifetime calculation.
* Print correct encoded packet length when debugging.
- disable python2 build
- freeradius-server-radiusd-logrotate.patch: upstreamed
-------------------------------------------------------------------
Sun Jun 27 15:43:02 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>

View File

@ -18,15 +18,9 @@
%define unitname radiusd
Name: freeradius-server
Version: 3.0.23
Version: 3.0.24
Release: 0
%if 0%{?suse_version} >= 1500
%bcond_with python2
%else
%bcond_without python2
%endif
%if 0%{?suse_version} > 1140
%bcond_without systemd
%bcond_without libjson
@ -62,7 +56,6 @@ Source1: radiusd.service
Source2: freeradius-tmpfiles.conf
Patch0: freeradius-server-fix-perl-shbang.patch
Patch1: freeradius-server-tmpfiles.patch
Patch2: freeradius-server-radiusd-logrotate.patch
Patch3: freeradius-server-rcradiusd.patch
Patch5: freeradius-server-rlm_sql_unixodbc-configure.patch
Patch6: freeradius-server-radclient-init-error-buffer.patch
@ -102,9 +95,6 @@ BuildRequires: openssl-devel > 1.0
BuildRequires: pam-devel
BuildRequires: perl
BuildRequires: postgresql-devel
%if 0%{with python2}
BuildRequires: python-devel
%endif
BuildRequires: python3-devel
BuildRequires: sqlite3-devel
BuildRequires: unixODBC-devel
@ -211,14 +201,6 @@ Requires: perl
%description perl
FreeRADIUS plugin providing Perl support.
%package python
Summary: Python support for freeradius
Group: System/Daemons
Requires: %{name} = %{version}
%description python
FreeRADIUS plugin providing Python support.
%package python3
Summary: Python3 support for freeradius
Group: System/Daemons
@ -283,9 +265,7 @@ export LDFLAGS="-pie"
--without-rlm_rediswho \
--without-rlm_sql_oracle \
--without-rlm_securid \
%if ! %{with python2}
--without-rlm_python \
%endif
--with-rlm-python3-include-dir=%{_includedir}/python%{python3_version}%{py3_abiflags} \
%if ! %{with memcached}
--without-rlm_cache_memcached \
@ -359,9 +339,6 @@ rm -r %{buildroot}%{_sysconfdir}/raddb/mods-config/sql/ippool-dhcp/oracle
%if ! %{with json}
rm %{buildroot}%{_sysconfdir}/raddb/mods-available/rest
%endif
%if ! %{with python2}
rm %{buildroot}%{_sysconfdir}/raddb/mods-available/python
%endif
rm %{buildroot}%{_sysconfdir}/raddb/mods-config/sql/ippool/mongo/queries.conf
rm %{buildroot}%{_sysconfdir}/raddb/mods-config/sql/main/mongo/queries.conf
rm %{buildroot}%{_sysconfdir}/raddb/sites-available/coa-relay
@ -467,8 +444,6 @@ systemd-tmpfiles --create %{_tmpfilesdir}/%{unitname}.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/moonshot-targeted-ids/*
%dir %attr(750,root,radiusd) /etc/raddb/mods-config/sql/moonshot-targeted-ids
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/preprocess/*
#%%dir %%attr(750,root,radiusd) %%{_sysconfdir}/raddb/mods-config/python
#%%attr(640,root,radiusd) %%config(noreplace) %%{_sysconfdir}/raddb/mods-config/python/radiusd.py
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool-dhcp/mysql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool-dhcp/mysql/schema.sql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool/postgresql
@ -568,9 +543,6 @@ systemd-tmpfiles --create %{_tmpfilesdir}/%{unitname}.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/pap
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/passwd
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/preprocess
%if %{with python2}
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/python
%endif
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/python3
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/radutmp
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/realm
@ -769,15 +741,6 @@ systemd-tmpfiles --create %{_tmpfilesdir}/%{unitname}.conf
%{_libdir}/freeradius/rlm_perl.so
%if %{with python2}
%files python
%defattr(-,root,root)
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/python
%attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/python/radiusd.py
%{_sysconfdir}/raddb/mods-config/python/example.py*
%{_libdir}/freeradius/rlm_python.so
%endif
%files python3
%defattr(-,root,root)
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/python3
@ -789,6 +752,7 @@ systemd-tmpfiles --create %{_tmpfilesdir}/%{unitname}.conf
%defattr(-,root,root)
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/counter/mysql
%attr(640,root,radiusd) %config(noreplace)%{_sysconfdir}/raddb/mods-config/sql/counter/mysql/dailycounter.conf
%attr(640,root,radiusd) %config(noreplace)%{_sysconfdir}/raddb/mods-config/sql/counter/mysql/weeklycounter.conf
%attr(640,root,radiusd) %config(noreplace)%{_sysconfdir}/raddb/mods-config/sql/counter/mysql/expire_on_login.conf
%attr(640,root,radiusd) %config(noreplace)%{_sysconfdir}/raddb/mods-config/sql/counter/mysql/monthlycounter.conf
%attr(640,root,radiusd) %config(noreplace)%{_sysconfdir}/raddb/mods-config/sql/counter/mysql/noresetcounter.conf
@ -835,6 +799,7 @@ systemd-tmpfiles --create %{_tmpfilesdir}/%{unitname}.conf
%defattr(-,root,root)
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/counter/postgresql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/counter/postgresql/dailycounter.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/counter/postgresql/weeklycounter.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/counter/postgresql/expire_on_login.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/counter/postgresql/monthlycounter.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/counter/postgresql/noresetcounter.conf
@ -877,6 +842,7 @@ systemd-tmpfiles --create %{_tmpfilesdir}/%{unitname}.conf
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/counter/sqlite
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/counter/sqlite/dailycounter.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/counter/sqlite/weeklycounter.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/counter/sqlite/expire_on_login.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/counter/sqlite/monthlycounter.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/counter/sqlite/noresetcounter.conf