rpm/freeradius-server
SHA256
1
0
Fork 0
forked from pool/freeradius-server
Code Pull Requests Activity

Accepting request 203485 from home:vitezslav_cizek:branches:network

Browse Source 
- update to 3.0.0
  * new feature release
  * see /usr/share/doc/packages/freeradius-server/ChangeLog
    for complete list of changes in this release
  * documentation for upgrading from 2.x is in /etc/raddb/README.rst
- drop oracle support (wasn't built anyway)
- dropped patches (obsolete):
  * freeradius-server-2.1.6-codecleanup.patch
  * freeradius-server-2.1.6-dialup_admin.patch
  * freeradius-server-2.1.1-edirectory.patch
- added systemd service unit
  * radiusd.service
- added systemd-tmpfile for /var/run/radiusd
  * freeradius-tmpfiles.conf
- added gpg-offline verification
  * freeradius-server.keyring

OBS-URL: https://build.opensuse.org/request/show/203485
OBS-URL: https://build.opensuse.org/package/show/network/freeradius-server?expand=0&rev=51
This commit is contained in:
Andrey Karepin 2013-10-16 18:25:42 +00:00 committed by Git OBS Bridge
parent 97a37fd089
commit 80e6dde4db
15 changed files with 530 additions and 583 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

136
freeradius-server-2.1.1-edirectory.patch
View File

@ -1,136 +0,0 @@
Index: src/modules/rlm_ldap/edir_ldapext.c
===================================================================
--- src/modules/rlm_ldap/edir_ldapext.c.orig 2011-06-20 16:57:14.000000000 +0200
+++ src/modules/rlm_ldap/edir_ldapext.c 2011-09-27 15:05:37.913323658 +0200
@@ -84,11 +84,11 @@
BerElement *requestBer = NULL;
char * utf8ObjPtr = NULL;
- int utf8ObjSize = 0;
+ ber_len_t utf8ObjSize = 0;
char * utf8PwdPtr = NULL;
- int utf8PwdSize = 0;
+ ber_len_t utf8PwdSize = 0;
char * utf8Pwd2Ptr = NULL;
- int utf8Pwd2Size = 0;
+ ber_len_t utf8Pwd2Size = 0;
utf8ObjSize = strlen(objectDN)+1;
@@ -142,7 +142,7 @@
/*
* Convert the BER we just built to a berval that we'll send with the extended request.
*/
- if(ber_flatten(requestBer, requestBV) == LBER_ERROR)
+ if(ber_flatten(requestBer, requestBV) == -1)
{
err = NMAS_E_FRAG_FAILURE;
goto Cleanup;
@@ -172,16 +172,17 @@
* buffer was supplied, tries to decode the the return data and length
*
* ------------------------------------------------------------------------ */
-int berDecodeLoginData(
+ber_int_t berDecodeLoginData(
struct berval *replyBV,
- int *serverVersion,
- size_t *retDataLen,
+ ber_int_t *serverVersion,
+ ber_len_t *retDataLen,
void *retData )
{
- int rc=0, err = 0;
+ int rc=0;
+ ber_int_t err = 0;
BerElement *replyBer = NULL;
char *retOctStr = NULL;
- size_t retOctStrLen = 0;
+ ber_len_t retOctStrLen = 0;
if((replyBer = ber_init(replyBV)) == NULL)
{
@@ -258,14 +259,14 @@
size_t *pwdSize, // in bytes
char *pwd )
{
- int err = 0;
+ ber_int_t err = 0;
struct berval *requestBV = NULL;
char *replyOID = NULL;
struct berval *replyBV = NULL;
- int serverVersion;
+ ber_int_t serverVersion;
char *pwdBuf;
- size_t pwdBufLen, bufferLen;
+ ber_len_t pwdBufLen, bufferLen;
#ifdef NOT_N_PLAT_NLM
int currentThreadGroupID;
@@ -390,29 +391,29 @@
* and BER encodes the data into the BER value
*
* ------------------------------------------------------------------------ */
-int berEncodeAuthData(
+static int berEncodeAuthData(
struct berval **requestBV,
char *objectDN,
char *pwd,
char *sequence,
char *NasIP,
char *state,
- int *auth_state)
+ ber_int_t *auth_state)
{
int err = 0, rc=0;
BerElement *requestBer = NULL;
char * utf8ObjPtr = NULL;
- int utf8ObjSize = 0;
+ ber_len_t utf8ObjSize = 0;
char * utf8PwdPtr = NULL;
- int utf8PwdSize = 0;
+ ber_len_t utf8PwdSize = 0;
char * utf8NasIPPtr = NULL;
- int utf8NasIPSize = 0;
+ ber_len_t utf8NasIPSize = 0;
char * utf8StatePtr = NULL;
- int utf8StateSize = 0;
+ ber_len_t utf8StateSize = 0;
char * utf8SeqPtr = NULL;
- int utf8SeqSize = 0;
- int state_present = 0;
+ ber_len_t utf8SeqSize = 0;
+ ber_int_t state_present = 0;
utf8ObjSize = strlen(objectDN)+1;
utf8ObjPtr = objectDN;
@@ -494,12 +495,12 @@
* buffer was supplied, tries to decode the the return data and length
*
* ------------------------------------------------------------------------ */
-int berDecodeAuthData(
+static int berDecodeAuthData(
struct berval *replyBV,
- int *errCode,
- size_t *retDataLen,
+ ber_int_t *errCode,
+ ber_len_t *retDataLen,
char *retData,
- int *auth_state )
+ ber_int_t *auth_state )
{
int rc=0, err = 0;
BerElement *replyBer = NULL;
@@ -563,9 +564,9 @@
struct berval *requestBV = NULL;
char *replyOID = NULL;
struct berval *replyBV = NULL;
- int errCode;
+ ber_int_t errCode;
char *challenge;
- size_t challengesize;
+ ber_len_t challengesize;
challengesize = *statesize;
challenge = (char *)malloc(challengesize+2);

16
freeradius-server-2.1.1-logrotate_su.patch
View File

@ -1,7 +1,7 @@
Index: freeradius-server-2.1.12/suse/radiusd-logrotate
Index: freeradius-server-3.0.0/suse/radiusd-logrotate
===================================================================
--- freeradius-server-2.1.12.orig/suse/radiusd-logrotate 2013-01-08 18:25:29.358157621 +0100
+++ freeradius-server-2.1.12/suse/radiusd-logrotate 2013-01-08 18:28:38.487684634 +0100
--- freeradius-server-3.0.0.orig/suse/radiusd-logrotate 2013-10-15 18:26:37.704603079 +0200
+++ freeradius-server-3.0.0/suse/radiusd-logrotate 2013-10-15 18:27:37.232218844 +0200
@@ -6,6 +6,7 @@
# second technique, you will need another cron job that removes old
# detail files. You do not need to comment out the below for method #2.
@ -18,13 +18,13 @@ Index: freeradius-server-2.1.12/suse/radiusd-logrotate
compress
dateext
maxage 365
@@ -25,10 +27,12 @@
@@ -25,11 +27,12 @@
missingok
create
postrotate
- kill -HUP `cat /var/run/radiusd/radiusd.pid`
+ kill -HUP `cat /var/run/radiusd/radiusd.pid` || :
+ endscript
endscript
}
/var/log/radius/radwatch.log {
@ -32,7 +32,7 @@ Index: freeradius-server-2.1.12/suse/radiusd-logrotate
compress
dateext
maxage 365
@@ -40,6 +44,7 @@
@@ -41,6 +44,7 @@
}
/var/log/radius/radwtmp {
@ -40,10 +40,10 @@ Index: freeradius-server-2.1.12/suse/radiusd-logrotate
compress
dateext
maxage 365
@@ -54,6 +59,7 @@
@@ -55,6 +59,7 @@
}
/var/log/radius/sqltrace.sql {
/var/log/radius/sqllog.sql {
+ su radiusd radiusd
compress
dateext

64
freeradius-server-2.1.6-codecleanup.patch
View File

@ -1,64 +0,0 @@
Index: src/modules/rlm_smb/rfcnb-util.c
===================================================================
--- src/modules/rlm_smb/rfcnb-util.c.orig 2010-06-21 21:15:56.000000000 +0200
+++ src/modules/rlm_smb/rfcnb-util.c 2010-06-21 21:16:06.000000000 +0200
@@ -208,7 +208,7 @@ struct RFCNB_Pkt *RFCNB_Alloc_Pkt(int n)
/* Free up a packet */
-int RFCNB_Free_Pkt(struct RFCNB_Pkt *pkt)
+void RFCNB_Free_Pkt(struct RFCNB_Pkt *pkt)
{ struct RFCNB_Pkt *pkt_next; char *data_ptr;
Index: src/modules/rlm_smb/rfcnb-util.h
===================================================================
--- src/modules/rlm_smb/rfcnb-util.h.orig 2010-06-21 21:15:56.000000000 +0200
+++ src/modules/rlm_smb/rfcnb-util.h 2010-06-21 21:16:06.000000000 +0200
@@ -52,3 +52,4 @@ int RFCNB_Session_Req(struct RFCNB_Con *
struct in_addr *Dest_IP,
int * port);
+void RFCNB_Free_Pkt(struct RFCNB_Pkt *pkt);
Index: src/modules/rlm_smb/session.c
===================================================================
--- src/modules/rlm_smb/session.c.orig 2010-06-21 21:15:56.000000000 +0200
+++ src/modules/rlm_smb/session.c 2010-06-21 21:16:06.000000000 +0200
@@ -41,6 +41,7 @@ int RFCNB_saved_errno = 0;
#include "rfcnb-priv.h"
#include "rfcnb-util.h"
+#include "rfcnb-io.h"
int RFCNB_Stats[RFCNB_MAX_STATS];
@@ -315,7 +316,7 @@ int RFCNB_Set_Sock_NoDelay(struct RFCNB_
void *RFCNB_Listen()
{
-
+ return NULL;
}
/* Pick up the last error response as a string, hmmm, this routine should */
@@ -357,7 +358,7 @@ int RFCNB_Get_Last_Errno()
/* Pick up the last error response and return in string ... */
-int RFCNB_Get_Error_Msg(int code, char *msg_buf, int len)
+void RFCNB_Get_Error_Msg(int code, char *msg_buf, int len)
{
Index: src/modules/rlm_smb/smbencrypt.c
===================================================================
--- src/modules/rlm_smb/smbencrypt.c.orig 2010-06-21 21:15:56.000000000 +0200
+++ src/modules/rlm_smb/smbencrypt.c 2010-06-21 21:16:06.000000000 +0200
@@ -25,6 +25,7 @@
RCSID("$Id$")
#include <string.h>
+#include <ctype.h>
#ifdef HAVE_SYS_VFS_H
#include <sys/vfs.h>
#endif

192
freeradius-server-2.1.6-dialup_admin.patch
View File

@ -1,192 +0,0 @@
Index: dialup_admin/bin/backup_radacct
===================================================================
--- dialup_admin/bin/backup_radacct.orig 2010-06-21 21:15:56.000000000 +0200
+++ dialup_admin/bin/backup_radacct 2010-06-21 21:15:57.000000000 +0200
@@ -2,7 +2,7 @@
use POSIX;
use File::Temp;
-$conf=shift||'/data/local/dialupadmin/conf/admin.conf';
+$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
$back_days = 80;
$backup_directory = "/logs/radiusd/accounting";
@@ -48,4 +48,4 @@ $comm = "$sqlcmd -U $sql_username -f $t
$command = "$sqlcmd $sql_username/$pass" . "@" . "$sql_database <$tmpfile.$server" if ($sql_type eq 'oracle');
$command = "$sqlcmd '$sql_server' '$sql_port' '' '$sql_username' '$sql_password' < $tmp_filename >$backup_directory/$date3" if ($sql_type eq 'sqlrelay');
`$comm`;
-`/usr/local/bin/gzip -9 $backup_directory/$date3`;
+`/usr/bin/gzip -9 $backup_directory/$date3`;
Index: dialup_admin/bin/clean_radacct
===================================================================
--- dialup_admin/bin/clean_radacct.orig 2010-06-21 21:15:56.000000000 +0200
+++ dialup_admin/bin/clean_radacct 2010-06-21 21:15:57.000000000 +0200
@@ -7,7 +7,7 @@
use POSIX;
use File::Temp;
-$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
+$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
$back_days = 35;
Index: dialup_admin/bin/clearsession
===================================================================
--- dialup_admin/bin/clearsession.orig 2010-06-21 21:15:56.000000000 +0200
+++ dialup_admin/bin/clearsession 2010-06-21 21:15:57.000000000 +0200
@@ -49,8 +49,8 @@ if ($nastype eq 'cisco' && $type eq 'tel
}
if ($nastype eq 'cisco' && $type eq 'snmp'){
- $SNMPGET="/usr/local/bin/snmpget";
- $SNMPSET="/usr/local/bin/snmpset";
+ $SNMPGET="/usr/bin/snmpget";
+ $SNMPSET="/usr/bin/snmpset";
die "Could not find snmpwalk binary. Please make sure that the \$SNMPGET variable points to the right location\n" if (! -x $SNMPGET);
die "Could not find snmpset binary. Please make sure that the \$SNMPSET variable points to the right location\n" if (! -x $SNMPSET);
Index: dialup_admin/bin/dialup_admin.cron
===================================================================
--- dialup_admin/bin/dialup_admin.cron.orig 2010-06-21 21:15:56.000000000 +0200
+++ dialup_admin/bin/dialup_admin.cron 2010-06-21 21:15:57.000000000 +0200
@@ -1,4 +1,4 @@
-1 0 * * * /usr/local/dialup_admin/bin/tot_stats >/dev/null 2>&1
-5 0 * * * /usr/local/dialup_admin/bin/monthly_tot_stats >/dev/null 2>&1
-10 0 1 * * /usr/local/dialup_admin/bin/truncate_radacct >/dev/null 2>&1
-15 0 1 * * /usr/local/dialup_admin/bin/clean_radacct >/dev/null 2>&1
+1 0 * * * /usr/share/dialup_admin/bin/tot_stats >/dev/null 2>&1
+5 0 * * * /usr/share/dialup_admin/bin/monthly_tot_stats >/dev/null 2>&1
+10 0 1 * * /usr/share/dialup_admin/bin/truncate_radacct >/dev/null 2>&1
+15 0 1 * * /usr/share/dialup_admin/bin/clean_radacct >/dev/null 2>&1
Index: dialup_admin/bin/log_badlogins
===================================================================
--- dialup_admin/bin/log_badlogins.orig 2010-06-21 21:15:56.000000000 +0200
+++ dialup_admin/bin/log_badlogins 2010-06-21 21:15:57.000000000 +0200
@@ -18,7 +18,7 @@ use File::Temp;
$|=1;
$file=shift||'none';
-$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
+$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
$all_file=shift||'no';
#
# Uncomment to force inserts even if there are sql errors. That can
Index: dialup_admin/bin/monthly_tot_stats
===================================================================
--- dialup_admin/bin/monthly_tot_stats.orig 2010-06-21 21:15:56.000000000 +0200
+++ dialup_admin/bin/monthly_tot_stats 2010-06-21 21:15:57.000000000 +0200
@@ -9,7 +9,7 @@ use File::Temp;
# Works only with mysql and postgresql
#
-$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
+$conf=shift||'/usr/sharel/dialup_admin/conf/admin.conf';
open CONF, "<$conf"
Index: dialup_admin/bin/showmodem
===================================================================
--- dialup_admin/bin/showmodem.orig 2010-06-21 21:15:56.000000000 +0200
+++ dialup_admin/bin/showmodem 2010-06-21 21:15:57.000000000 +0200
@@ -7,7 +7,7 @@ $user=shift;
$comm=shift || "public";
$type=shift|| "xml";
-$conf='/usr/local/dialup_admin/conf/admin.conf';
+$conf='/usr/share/dialup_admin/conf/admin.conf';
open CONF, "<$conf"
or die "Could not open configuration file\n";
while(<CONF>){
Index: dialup_admin/bin/snmpfinger
===================================================================
--- dialup_admin/bin/snmpfinger.orig 2010-06-21 21:15:56.000000000 +0200
+++ dialup_admin/bin/snmpfinger 2010-06-21 21:15:57.000000000 +0200
@@ -6,7 +6,7 @@ $host=shift;
$comm=shift || 'public';
$type=shift || 'cisco';
-$conf='/usr/local/dialup_admin/conf/admin.conf';
+$conf='/usr/share/dialup_admin/conf/admin.conf';
open CONF, "<$conf"
or die "Could not open configuration file\n";
while(<CONF>){
Index: dialup_admin/bin/tot_stats
===================================================================
--- dialup_admin/bin/tot_stats.orig 2010-06-21 21:15:56.000000000 +0200
+++ dialup_admin/bin/tot_stats 2010-06-21 21:15:57.000000000 +0200
@@ -8,7 +8,7 @@ use File::Temp;
# Works with mysql and postgresql
#
-$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
+$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
open CONF, "<$conf"
Index: dialup_admin/bin/truncate_radacct
===================================================================
--- dialup_admin/bin/truncate_radacct.orig 2010-06-21 21:15:56.000000000 +0200
+++ dialup_admin/bin/truncate_radacct 2010-06-21 21:15:57.000000000 +0200
@@ -7,7 +7,7 @@
use POSIX;
use File::Temp;
-$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
+$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
$back_days = 90;
Index: dialup_admin/conf/admin.conf
===================================================================
--- dialup_admin/conf/admin.conf.orig 2010-06-21 21:15:56.000000000 +0200
+++ dialup_admin/conf/admin.conf 2010-06-21 21:15:57.000000000 +0200
@@ -19,11 +19,11 @@ general_charset: iso-8859-1
#
# The directory where dialupadmin is installed
#
-general_base_dir: /usr/local/dialup_admin
+general_base_dir: /usr/share/dialup_admin
#
# The base directory of the freeradius radius installation
#
-general_radiusd_base_dir: /usr/local/radiusd
+general_radiusd_base_dir: /
general_domain: company.com
#
# Set it to yes to use sessions and cache the various mappings
@@ -66,8 +66,8 @@ general_show_user_password: yes
general_raddb_dir: %{general_radiusd_base_dir}/etc/raddb
general_ldap_attrmap: %{general_raddb_dir}/ldap.attrmap
# Need to fix admin.conf file parser
-#general_clients_conf: %{general_raddb_dir}/clients.conf
-general_clients_conf: /usr/local/etc/raddb/clients.conf
+general_clients_conf: %{general_raddb_dir}/clients.conf
+#general_clients_conf: /usr/local/etc/raddb/clients.conf
general_sql_attrmap: %{general_base_dir}/conf/sql.attrmap
general_accounting_attrs_file: %{general_base_dir}/conf/accounting.attrs
general_extra_ldap_attrmap: %{general_base_dir}/conf/extra.ldap-attrmap
@@ -260,7 +260,7 @@ sql_show_all_groups: true
# This variable is used by the scripts in the bin folder
# It should contain the path to the sql binary used to run
# sql commands (mysql, psql, oracle and sqlrelay are only supported for now)
-sql_command: /usr/local/bin/mysql
+sql_command: /usr/bin/mysql
#sql_command: /usr/bin/psql
#sql_command: /usr/bin/sqlplus
#
@@ -269,12 +269,12 @@ sql_command: /usr/local/bin/mysql
# used to run snmp commands.
# (ucd = UCD-Snmp and net = Net-Snmp are only supported for now)
general_snmp_type: net
-general_snmpwalk_command: /usr/local/bin/snmpwalk
-general_snmpget_command: /usr/local/bin/snmpget
+general_snmpwalk_command: /usr/bin/snmpwalk
+general_snmpget_command: /usr/bin/snmpget
#
# Uncomment to enable sql debug
#
-sql_debug: true
+#sql_debug: true
#
# If set to yes then the HTTP credentials (http authentication)
# will be used to connect to the sql server instead of sql_username

31
freeradius-server-2.1.6-rcradiusd.patch
View File

@ -1,30 +1,13 @@
Index: suse/rcradius-relayd
===================================================================
--- suse/rcradius-relayd.orig 2010-06-21 21:15:56.000000000 +0200
+++ suse/rcradius-relayd 2010-06-21 21:16:03.000000000 +0200
@@ -12,8 +12,8 @@
#
### BEGIN INIT INFO
# Provides: radius-relayd
-# Required-Start: $network $syslog $remotefs
-# Required-Stop:
+# Required-Start: $network $syslog $remote_fs
+# Required-Stop: $network $syslog $remote_fs
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: RADIUS Relay Server
Index: suse/rcradiusd
===================================================================
--- suse/rcradiusd.orig 2010-06-21 21:15:56.000000000 +0200
+++ suse/rcradiusd 2010-06-21 21:16:03.000000000 +0200
@@ -12,8 +12,8 @@
#
### BEGIN INIT INFO
--- suse/rcradiusd.orig 2013-10-15 18:18:25.099506165 +0200
+++ suse/rcradiusd 2013-10-15 18:19:02.741895731 +0200
@@ -14,7 +14,7 @@
# Provides: radiusd
-# Required-Start: $network $syslog $remotefs
-# Required-Stop:
+# Required-Start: $network $syslog $remote_fs
# Required-Start: $network $syslog $remotefs
# Should-Start: $time ypbind smtp
-# Required-Stop: $syslog $remote_fs
+# Required-Stop: $network $syslog $remote_fs
# Should-Stop: ypbind smtp
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: RADIUS-Server

3
freeradius-server-2.2.0.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ad3e58fe2a723cbaafb8ca87677382a84bfb16e81b24f0d9ded71355a0218d35
size 2703349

3
freeradius-server-3.0.0.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:59ab4c376d0a77814b5e95eb610aed40cb8593365a33d196d7528bd6bece547b
size 2628377

BIN
freeradius-server-3.0.0.tar.bz2.sig Normal file
View File

Binary file not shown.

24
freeradius-server-fix-cert-bootstrap.patch
View File

@ -1,17 +1,17 @@
Index: freeradius-server-2.2.0/raddb/certs/Makefile
Index: freeradius-server-3.0.0/raddb/certs/Makefile
===================================================================
--- freeradius-server-2.2.0.orig/raddb/certs/Makefile 2012-09-10 13:51:34.000000000 +0200
+++ freeradius-server-2.2.0/raddb/certs/Makefile 2012-09-10 15:46:54.505208498 +0200
--- freeradius-server-3.0.0.orig/raddb/certs/Makefile 2013-10-15 18:20:43.563939081 +0200
+++ freeradius-server-3.0.0/raddb/certs/Makefile 2013-10-15 18:21:35.382475281 +0200
@@ -51,7 +51,7 @@ dh:
# Create a new self-signed CA certificate
#
######################################################################
-ca.key ca.pem: ca.cnf index.txt serial
+ca.key ca.pem: index.txt serial
-ca.key ca.pem: ca.cnf
+ca.key ca.pem:
@[ -f index.txt ] || $(MAKE) index.txt
@[ -f serial ] || $(MAKE) serial
openssl req -new -x509 -keyout ca.key -out ca.pem \
-days $(CA_DEFAULT_DAYS) -config ./ca.cnf
@@ -63,7 +63,7 @@ ca.der: ca.pem
@@ -65,7 +65,7 @@ ca.der: ca.pem
# Create a new server certificate, signed by the above CA.
#
######################################################################
@ -20,7 +20,7 @@ Index: freeradius-server-2.2.0/raddb/certs/Makefile
openssl req -new -out server.csr -keyout server.key -config ./server.cnf
server.crt: server.csr ca.key ca.pem
@@ -85,7 +85,7 @@ server.vrfy: ca.pem
@@ -87,7 +87,7 @@ server.vrfy: ca.pem
# certificate.
#
######################################################################
@ -29,10 +29,10 @@ Index: freeradius-server-2.2.0/raddb/certs/Makefile
openssl req -new -out client.csr -keyout client.key -config ./client.cnf
client.crt: client.csr ca.pem ca.key
Index: freeradius-server-2.2.0/raddb/certs/bootstrap
Index: freeradius-server-3.0.0/raddb/certs/bootstrap
===================================================================
--- freeradius-server-2.2.0.orig/raddb/certs/bootstrap 2012-09-10 13:51:34.000000000 +0200
+++ freeradius-server-2.2.0/raddb/certs/bootstrap 2012-11-10 15:34:07.926849849 +0100
--- freeradius-server-3.0.0.orig/raddb/certs/bootstrap 2013-10-15 18:20:43.563939081 +0200
+++ freeradius-server-3.0.0/raddb/certs/bootstrap 2013-10-15 18:20:45.669960874 +0200
@@ -21,7 +21,9 @@ make -h > /dev/null 2>&1
#
if [ "$?" = "0" ]; then

15
freeradius-server-initscript-pidfile.patch
View File

@ -13,18 +13,3 @@ Index: freeradius-server-2.1.8/suse/rcradiusd
startproc $RADIUSD_BIN >/dev/null
rc_status -v
;;
Index: freeradius-server-2.1.8/suse/rcradius-relayd
===================================================================
--- freeradius-server-2.1.8.orig/suse/rcradius-relayd 2010-05-03 15:37:35.000000000 +0200
+++ freeradius-server-2.1.8/suse/rcradius-relayd 2010-05-03 15:38:58.000000000 +0200
@@ -31,6 +31,10 @@ rc_reset
case "$1" in
start)
echo -n "Starting RADIUS Relay daemon "
+ # /var/run might be on tmpfs, create runtime directory if needed
+ if [ ! -d /var/run/radiusd ]; then
+ install -d -m 0700 -g radiusd -o radiusd /var/run/radiusd
+ fi
startproc $RADIUSD_BIN -s -n radrelay >/dev/null
rc_status -v
;;

20
freeradius-server.changes
View File

@ -1,3 +1,23 @@
-------------------------------------------------------------------
Tue Oct 15 15:15:24 UTC 2013 - vcizek@suse.com
- update to 3.0.0
* new feature release
* see /usr/share/doc/packages/freeradius-server/ChangeLog
for complete list of changes in this release
* documentation for upgrading from 2.x is in /etc/raddb/README.rst
- drop oracle support (wasn't built anyway)
- dropped patches (obsolete):
* freeradius-server-2.1.6-codecleanup.patch
* freeradius-server-2.1.6-dialup_admin.patch
* freeradius-server-2.1.1-edirectory.patch
- added systemd service unit
* radiusd.service
- added systemd-tmpfile for /var/run/radiusd
* freeradius-tmpfiles.conf
- added gpg-offline verification
* freeradius-server.keyring
-------------------------------------------------------------------
Thu Sep 5 17:22:43 CEST 2013 - mls@suse.de

15
freeradius-server.keyring Normal file
View File

@ -0,0 +1,15 @@
pub 1024R/E402497D 2002-02-26
uid Alan T. DeKok <aland@freeradius.org>
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.9 (GNU/Linux)
mI0DPHvAUwAAAQQAurbJqE0YQ2rtnzGohprGUxg8Sp2daZ75BBGhtf7SYcn7GO+5
T2JxVpAmuCtyCYf1LHlq8BlWLKmT9sFLDFTFtRl8X0tGwQ8kHZGmDZ4u7FKFiITH
QIwIAhC8MUKbKCbj52qCSPX8EIiaSLye9Aihbnq5NOSyRm6rqS6Xi+QCSX0ABRG0
JEFsYW4gVC4gRGVLb2sgPGFsYW5kQGZyZWVyYWRpdXMub3JnPokAlQMFEDx7wFOp
LpeL5AJJfQEBe84D/A/FUpBe3J9BIWLxas9rRBRpHObyP0qdr271efbDMXXyd4ei
DHMMh0lm0HbMNEppFs15itzPQucLmzFmoxyjQ2Qjs/aJ8TjZpZdq5K5hpgD24bqQ
/4IWOmuisrQJzo1QvjudbEHnHnOSLHzkxSOQxs4XKtmtQopwcB5Z+PMx/RWS
=keuR
-----END PGP PUBLIC KEY BLOCK-----

578
freeradius-server.spec
View File

@ -16,35 +16,47 @@
#
%global with_sysvinit 0
%if 0%{?suse_version} < 1310
%global with_sysvinit 1
%endif
Name: freeradius-server
Version: 2.2.0
%define unitname radiusd
Version: 3.0.0
Release: 0
Summary: Very Highly Configurable Radius Server
License: GPL-2.0 and LGPL-2.1
Group: Productivity/Networking/Radius/Servers
Url: http://www.freeradius.org/
Source: %{name}-%{version}.tar.bz2
Patch1: freeradius-server-2.1.6-dialup_admin.patch
Source: ftp://ftp.freeradius.org/pub/freeradius/%{name}-%{version}.tar.bz2
Source1: radiusd.service
Source2: freeradius-tmpfiles.conf
Source10: ftp://ftp.freeradius.org/pub/freeradius/%{name}-%{version}.tar.bz2.sig
Source11: %{name}.keyring
Patch2: freeradius-server-2.1.6-rcradiusd.patch
Patch3: freeradius-server-2.1.6-codecleanup.patch
Patch7: freeradius-server-fix-cert-bootstrap.patch
Patch8: freeradius-server-initscript-pidfile.patch
Patch9: freeradius-server-radius-reload-logrotate.patch
# PATCH-FIX-UPSTREAM edirectory ldap extensions (bnc#720620)
Patch11: freeradius-server-2.1.1-edirectory.patch
# PATCH-FIX-SUSE use 'su' logrotate option (bnc#677335)
Patch12: freeradius-server-2.1.1-logrotate_su.patch
BuildRequires: apache2-devel
BuildRequires: cyrus-sasl-devel
BuildRequires: db-devel
BuildRequires: freetds-devel
BuildRequires: gcc-c++
BuildRequires: gdbm-devel
BuildRequires: gettext-devel
BuildRequires: glibc-devel
BuildRequires: gpg-offline
BuildRequires: krb5-devel
BuildRequires: libcom_err-devel
BuildRequires: libcurl-devel
BuildRequires: libidn-devel
BuildRequires: libjson-devel
BuildRequires: libmysqlclient-devel
BuildRequires: libpcap-devel
BuildRequires: libtalloc-devel
BuildRequires: libtool
BuildRequires: ncurses-devel
BuildRequires: net-snmp-devel
@ -54,16 +66,21 @@ BuildRequires: pam-devel
BuildRequires: perl
BuildRequires: postgresql-devel
BuildRequires: python-devel
BuildRequires: ruby-devel
BuildRequires: sqlite3-devel
BuildRequires: unixODBC-devel
BuildRequires: pkgconfig(apr-1)
%if 0%{?suse_version} > 1140
BuildRequires: systemd
%endif
%{?systemd_requires}
PreReq: %fillup_prereq
PreReq: %insserv_prereq
PreReq: coreutils
PreReq: openssl
PreReq: perl
PreReq: pwdutils
%define _oracle_support 0
%define apxs2 apxs2-prefork
%define apache2_sysconfdir %(%{_sbindir}/%{apxs2} -q SYSCONFDIR)
Requires: %{name}-libs = %{version}
@ -91,28 +108,6 @@ features are:
* Accounting methods
%if %_oracle_support == 1
%package oracle
Summary: FreeRADIUS Oracle database support
Group: Productivity/Networking/Radius/Servers
BuildRequires: oracle-instantclient-basic
BuildRequires: oracle-instantclient-devel
Requires: %{name} = %{version}
Requires: %{name}-libs = %{version}
Requires: oracle-instantclient-basic
%description oracle
The FreeRADIUS server has a number of features found in other servers,
and additional features not found in any other server. Rather than
doing a feature by feature comparison, we will simply list the features
of the server, and let you decide if they satisfy your needs.
Support for RFC and VSA Attributes Additional server configuration
attributes Selecting a particular configuration Authentication methods
%endif
%package libs
Summary: FreeRADIUS shared library
Group: Productivity/Networking/Radius/Servers
@ -140,23 +135,6 @@ features are:
* Accounting methods
%package dialupadmin
Summary: Web management for FreeRADIUS
Group: Productivity/Networking/Radius/Servers
Requires: http_daemon
Requires: mod_php_any
Requires: perl-Date-Manip
Requires: php
Requires: php-ldap
Requires: php-mysql
Requires: php-pgsql
Requires: php-session
%description dialupadmin
Dialup Admin supports users either in SQL (MySQL or PostgreSQL are
supported) or in LDAP. Apart from the web pages, it also includes a
number of scripts to make the administrator's life a lot easier.
%package devel
Summary: FreeRADIUS Development Files (static libs)
Group: Development/Libraries/C and C++
@ -173,15 +151,79 @@ Requires: %{name}
%description doc
This package contains FreeRADIUS Documentation
%package ldap
Summary: LDAP support for freeradius
Group: System Environment/Daemons
Requires: %{name} = %{version}
BuildRequires: openldap2-devel
%description ldap
This plugin provides the LDAP support for the FreeRADIUS server project.
%package krb5
Summary: Kerberos 5 support for freeradius
Group: System Environment/Daemons
Requires: %{name} = %{version}
BuildRequires: krb5-devel
%description krb5
This plugin provides the Kerberos 5 support for the FreeRADIUS server project.
%package perl
Summary: Perl support for freeradius
Group: System Environment/Daemons
Requires: %{name} = %{version}
Requires: perl
BuildRequires: perl
BuildRequires: perl(ExtUtils::Embed)
%description perl
This plugin provides the Perl support for the FreeRADIUS server project.
%package python
Summary: Python support for freeradius
Group: System Environment/Daemons
Requires: %{name} = %{version}
BuildRequires: python-devel
%description python
This plugin provides the Python support for the FreeRADIUS server project.
%package mysql
Summary: MySQL support for freeradius
Group: System Environment/Daemons
Requires: %{name} = %{version}
BuildRequires: mysql-devel
%description mysql
This plugin provides the MySQL support for the FreeRADIUS server project.
%package postgresql
Summary: Postgresql support for freeradius
Group: System Environment/Daemons
Requires: %{name} = %{version}
BuildRequires: postgresql-devel
%description postgresql
This plugin provides the postgresql support for the FreeRADIUS server project.
%package sqlite
Summary: SQLite support for freeradius
Group: System Environment/Daemons
Requires: %{name} = %{version}
BuildRequires: sqlite-devel
%description sqlite
This plugin provides the SQLite support for the FreeRADIUS server project.
%prep
%gpg_verify %{S:10}
%setup -q
%patch1
%patch2
%patch3
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch11 -p0
%patch12 -p1
%build
@ -196,6 +238,7 @@ export CFLAGS="%{optflags} -DLDAP_DEPRECATED -fstack-protector"
%ifarch x86_64 ppc ppc64 s390 s390x %arm
export CFLAGS="$CFLAGS -fPIC -DPIC"
%endif
#--without-rlm_ruby \
export LDFLAGS="-pie"
%configure \
--disable-static \
@ -216,15 +259,11 @@ export LDFLAGS="-pie"
--without-rlm_sql_db2 \
--without-rlm_sql_firebird \
--without-rlm_sql_iodbc \
--without-rlm_ruby \
--without-rlm_tralalala \
--without-rlm_redis \
--without-rlm_rediswho \
%if %{_oracle_support} == 1
--with-rlm_sql_oracle \
--with-oracle-lib-dir=%{_libdir}/oracle/10.1.0.3/client/lib/
%else
--without-rlm_sql_oracle
%endif
--without-rlm_sql_oracle \
--without-rlm_securid
# no parallel build possible
make
@ -241,6 +280,10 @@ perl -i -pe 's/^#group =.*$/group = radiusd/' $RADDB/radrelay.conf
# logs
touch %{buildroot}%{_localstatedir}/log/radius/radutmp
touch %{buildroot}%{_localstatedir}/log/radius/radius.log
mkdir -p %{buildroot}/usr/lib/tmpfiles.d
mkdir -p %{buildroot}%{_localstatedir}/run/
install -d -m 0710 %{buildroot}%{_localstatedir}/run/radiusd/
install -m 0644 %{SOURCE2} %{buildroot}/usr/lib/tmpfiles.d/radiusd.conf
# SuSE
install -d %{buildroot}%{_sysconfdir}/pam.d
install -d %{buildroot}%{_sysconfdir}/logrotate.d
@ -250,44 +293,71 @@ install -d -m 755 %{buildroot}%{_sysconfdir}/init.d
install -m 744 suse/rcradiusd %{buildroot}%{_sysconfdir}/init.d/freeradius
ln -sf ../..%{_sysconfdir}/init.d/freeradius %{buildroot}%{_sbindir}/rcfreeradius
cp -al %{buildroot}%{_sbindir}/radiusd %{buildroot}%{_sbindir}/radrelay
install -m 744 suse/rcradius-relayd %{buildroot}%{_sysconfdir}/init.d/freeradius-relay
ln -sf ../..%{_sysconfdir}/init.d/freeradius-relay %{buildroot}%{_sbindir}/rcfreeradius-relay
mv -v doc/README doc/README.doc
# install dialup_admin
DIALUPADMIN=%{buildroot}%{_datadir}/dialup_admin
mkdir -p $DIALUPADMIN
cp -r dialup_admin/* %{buildroot}%{_datadir}/dialup_admin
# apache2 config
install -d -m 755 %{buildroot}%{apache2_sysconfdir}/conf.d
install -m 644 suse/admin-httpd.conf %{buildroot}%{apache2_sysconfdir}/conf.d/radius.conf
# remove unneeded stuff
rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/*.crt
rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/*.csr
rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/*.der
rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/*.key
rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/*.pem
rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/*.p12
rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/index.*
rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/serial*
rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/dh
rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/certs/random
rm -rf doc/00-OLD
rm -rf doc/.gitignore
rm -rf doc/source/.gitignore
rm -f %{buildroot}%{_sbindir}/rc.radiusd
rm -rf %{buildroot}%{_datadir}/doc/freeradius*
rm -rf %{buildroot}%{_libdir}/freeradius/*.*a
rm -f %{buildroot}%{_datadir}/dialup_admin/Makefile
rm -f %{buildroot}%{_defaultdocdir}/%{name}/Makefile
rm -f %{buildroot}%{_defaultdocdir}/%{name}/examples/Makefile
rm -rf $RPM_BUILD_ROOT/etc/raddb/mods-config/sql/main/mssql
rm -rf $RPM_BUILD_ROOT/etc/raddb/mods-config/sql/ippool/oracle
rm -rf $RPM_BUILD_ROOT/etc/raddb/mods-config/sql/main/oracle
%pre
%{_sbindir}/groupadd -r radiusd 2> /dev/null || :
%{_sbindir}/useradd -r -g radiusd -s /bin/false -c "Radius daemon" -d \
%{_localstatedir}/lib/radiusd radiusd 2> /dev/null || :
%if 0%{?suse_version} > 1140
%service_add_pre %{unitname}.service
%endif
%post
# Generate default certificates
if [ $1 -eq 1 ]; then
/etc/raddb/certs/bootstrap
%{_sysconfdir}/raddb/certs/bootstrap
fi
chgrp radiusd /etc/raddb/certs/*
%{fillup_and_insserv freeradius}
chgrp radiusd %{_sysconfdir}/raddb/certs/*
%if %{with_sysvinit}
%fillup_and_insserv freeradius
%endif
%if 0%{?suse_version} > 1140
%service_add_post %{unitname}.service
%endif
%preun
%if %{with_sysvinit}
%stop_on_removal freeradius
%endif
%if 0%{?suse_version} > 1140
%service_del_preun %{unitname}.service
%endif
%postun
%if %{with_sysvinit}
%insserv_cleanup
%restart_on_update freeradius
%{insserv_cleanup}
%endif
%if 0%{?suse_version} > 1140
%service_del_postun %{unitname}.service
%endif
%clean
rm -rf %{buildroot}
@ -300,47 +370,24 @@ rm -rf %{buildroot}
%defattr(-,root,root)
# doc
%doc suse/README.SuSE
%doc COPYRIGHT CREDITS LICENSE README doc/ChangeLog
%doc COPYRIGHT CREDITS LICENSE doc/ChangeLog
# SuSE
%{_sysconfdir}/init.d/freeradius
%{_sysconfdir}/init.d/freeradius-relay
%config %{_sysconfdir}/pam.d/radiusd
%config %{_sysconfdir}/logrotate.d/radiusd
%{_sbindir}/rcfreeradius
%{_sbindir}/rcfreeradius-relay
%dir %attr(755,radiusd,radiusd) %{_localstatedir}/lib/radiusd
# configs
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/trigger.conf
%defattr(-,root,radiusd)
%{_sysconfdir}/raddb/README.rst
%config(noreplace) %{_sysconfdir}/raddb/dictionary
%config(noreplace) %{_sysconfdir}/raddb/acct_users
%config(noreplace) %{_sysconfdir}/raddb/attrs
%config(noreplace) %{_sysconfdir}/raddb/attrs.access_reject
%config(noreplace) %{_sysconfdir}/raddb/attrs.accounting_response
%config(noreplace) %{_sysconfdir}/raddb/attrs.pre-proxy
%config(noreplace) %{_sysconfdir}/raddb/attrs.access_challenge
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/clients.conf
%config(noreplace) %{_sysconfdir}/raddb/hints
%config(noreplace) %{_sysconfdir}/raddb/huntgroups
%config(noreplace) %{_sysconfdir}/raddb/ldap.attrmap
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sqlippool.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/preproxy_users
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/proxy.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/radiusd.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql.conf
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/modules
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/modules/*
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/mssql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/mysql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/oracle
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/postgresql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/ndb
%{_sysconfdir}/raddb/sql/ndb/README
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql/*/*.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql/*/*.sql
%{_sysconfdir}/raddb/sql/oracle/msqlippool.txt
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/users
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/experimental.conf
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/certs
%{_sysconfdir}/raddb/certs/Makefile
@ -348,14 +395,160 @@ rm -rf %{buildroot}
%{_sysconfdir}/raddb/certs/xpextensions
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/certs/*.cnf
%attr(750,root,radiusd) %{_sysconfdir}/raddb/certs/bootstrap
%config /usr/lib/tmpfiles.d/radiusd.conf
# mods-config
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config
%{_sysconfdir}/raddb/mods-config/README.rst
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/attr_filter
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/attr_filter/*
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/ruby
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/ruby/*
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/files
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/files/*
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/preprocess
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/preprocess/*
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/counter
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/cui
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool-dhcp
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main
# sites-available
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sites-available
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/*
%{_sysconfdir}/raddb/sites-available/README
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/control-socket
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/decoupled-accounting
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/robust-proxy-accounting
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/soh
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/coa
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/example
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/inner-tunnel
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/dhcp
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/check-eap-tls
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/status
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/dhcp.relay
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/virtual.example.com
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/originate-coa
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/vmps
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/default
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/proxy-inner-tunnel
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/dynamic-clients
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/copy-acct-to-home-server
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/buffered-sql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/tls
# sites-enabled
# symlink: %{_sysconfdir}/raddb/sites-enabled/xxx -> ../sites-available/xxx
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sites-enabled
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-enabled/*
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/eap.conf
%attr(640,root,radiusd) %{_sysconfdir}/raddb/example.pl
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.conf
%{_sysconfdir}/raddb/policy.txt
%config(missingok) %{_sysconfdir}/raddb/sites-enabled/inner-tunnel
%config(missingok) %{_sysconfdir}/raddb/sites-enabled/default
# mods-available
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-available
%{_sysconfdir}/raddb/mods-available/README.rst
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/always
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/attr_filter
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/cache
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/cache_eap
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/chap
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/counter
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/cui
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/detail
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/detail.example.com
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/detail.log
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/dhcp
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/dhcp_sqlippool
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/digest
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/dynamic_clients
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/eap
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/echo
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available%{_sysconfdir}_group
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/exec
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/expiration
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/expr
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/files
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/idn
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/inner-eap
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/ippool
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/linelog
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/logintime
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/mac2ip
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/mac2vlan
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/mschap
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/ntlm_auth
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/opendirectory
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/otp
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/pam
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/pap
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/passwd
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/preprocess
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/python
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/radutmp
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/realm
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/redis
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/rediswho
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/replicate
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/rest
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/smbpasswd
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/smsotp
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/soh
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/sometimes
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/sql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/sqlippool
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/sradutmp
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/unix
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/utf8
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/wimax
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/yubikey
# mods-enabled
# symlink: %{_sysconfdir}/raddb/mods-enabled/xxx -> ../mods-available/xxx
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-enabled
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/always
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/attr_filter
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/cache_eap
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/chap
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/detail
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/detail.log
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/dhcp
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/digest
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/dynamic_clients
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/eap
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/echo
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/exec
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/expiration
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/expr
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/files
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/linelog
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/logintime
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/mschap
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/ntlm_auth
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/pap
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/passwd
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/preprocess
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/radutmp
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/realm
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/replicate
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/soh
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/sradutmp
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/unix
%config(missingok) %{_sysconfdir}/raddb/mods-enabled/utf8
# policy
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/policy.d
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/accounting
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/canonicalization
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/control
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/cui
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/dhcp
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/eap
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/filter
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.d/operator-name
%config(noreplace) %{_sysconfdir}/raddb/users
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/templates.conf
%attr(700,radiusd,radiusd) %dir %ghost %{_localstatedir}/run/radiusd/
# binaries
@ -364,7 +557,6 @@ rm -rf %{buildroot}
%{_sbindir}/radiusd
%{_sbindir}/radmin
%{_sbindir}/radrelay
%{_sbindir}/radwatch
%{_sbindir}/raddebug
# man-pages
%doc %{_mandir}/man5/*
@ -377,9 +569,65 @@ rm -rf %{buildroot}
%attr(700,radiusd,radiusd) %dir %{_localstatedir}/log/radius/radacct/
%attr(644,radiusd,radiusd) %{_localstatedir}/log/radius/radutmp
%config(noreplace) %attr(600,radiusd,radiusd) %{_localstatedir}/log/radius/radius.log
# RADIUS Loadable Modules
%attr(755,root,root) %dir %{_libdir}/freeradius
%attr(755,root,root) %{_libdir}/freeradius/rlm_*.so*
# loadable modules
%dir %attr(755,root,root) %{_libdir}/freeradius
%{_libdir}/freeradius/proto_dhcp.so
%{_libdir}/freeradius/proto_vmps.so
%{_libdir}/freeradius/rlm_always.so
%{_libdir}/freeradius/rlm_attr_filter.so
%{_libdir}/freeradius/rlm_cache.so
%{_libdir}/freeradius/rlm_chap.so
%{_libdir}/freeradius/rlm_counter.so
%{_libdir}/freeradius/rlm_cram.so
%{_libdir}/freeradius/rlm_detail.so
%{_libdir}/freeradius/rlm_dhcp.so
%{_libdir}/freeradius/rlm_digest.so
%{_libdir}/freeradius/rlm_dynamic_clients.so
%{_libdir}/freeradius/rlm_eap.so
%{_libdir}/freeradius/rlm_eap_gtc.so
%{_libdir}/freeradius/rlm_eap_leap.so
%{_libdir}/freeradius/rlm_eap_md5.so
%{_libdir}/freeradius/rlm_eap_mschapv2.so
%{_libdir}/freeradius/rlm_eap_peap.so
%{_libdir}/freeradius/rlm_eap_pwd.so
%{_libdir}/freeradius/rlm_eap_sim.so
%{_libdir}/freeradius/rlm_eap_tls.so
%{_libdir}/freeradius/rlm_eap_ttls.so
%{_libdir}/freeradius/rlm_exec.so
%{_libdir}/freeradius/rlm_expiration.so
%{_libdir}/freeradius/rlm_expr.so
%{_libdir}/freeradius/rlm_files.so
%{_libdir}/freeradius/rlm_ippool.so
%{_libdir}/freeradius/rlm_linelog.so
%{_libdir}/freeradius/rlm_logintime.so
%{_libdir}/freeradius/rlm_mschap.so
%{_libdir}/freeradius/rlm_otp.so
%{_libdir}/freeradius/rlm_pam.so
%{_libdir}/freeradius/rlm_pap.so
%{_libdir}/freeradius/rlm_passwd.so
%{_libdir}/freeradius/rlm_preprocess.so
%{_libdir}/freeradius/rlm_radutmp.so
%{_libdir}/freeradius/rlm_realm.so
%{_libdir}/freeradius/rlm_replicate.so
%{_libdir}/freeradius/rlm_soh.so
%{_libdir}/freeradius/rlm_sometimes.so
%{_libdir}/freeradius/rlm_sql.so
%{_libdir}/freeradius/rlm_sqlcounter.so
%{_libdir}/freeradius/rlm_sqlippool.so
%{_libdir}/freeradius/rlm_sql_null.so
%{_libdir}/freeradius/rlm_unix.so
%{_libdir}/freeradius/rlm_utf8.so
%{_libdir}/freeradius/rlm_wimax.so
%{_libdir}/freeradius/rlm_yubikey.so
%{_libdir}/freeradius/rlm_example.so
%{_libdir}/freeradius/rlm_idn.so
%{_libdir}/freeradius/rlm_rest.so
%{_libdir}/freeradius/rlm_ruby.so
%{_libdir}/freeradius/rlm_smsotp.so
%{_libdir}/freeradius/rlm_sql_freetds.so
%{_libdir}/freeradius/rlm_sql_unixodbc.so
%{_libdir}/freeradius/rlm_sqlhpwippool.so
%files utils
%defattr(-,root,root)
@ -391,33 +639,105 @@ rm -rf %{buildroot}
# RADIUS shared libs
%attr(755,root,root) %dir %{_libdir}/freeradius
%attr(755,root,root) %{_libdir}/freeradius/lib*.so*
%if %{_oracle_support} == 1
%files oracle
%defattr(-,radiusd,radiusd)
%attr(755,root,root) %dir %{_libdir}/freeradius
%attr(755,root,root) %{_libdir}/freeradius/rlm_sql_oracle*.so*
%endif
%files dialupadmin
%defattr(-,root,root)
%dir %{_datadir}/dialup_admin/
%{_datadir}/dialup_admin/bin/
%{_datadir}/dialup_admin/doc/
%{_datadir}/dialup_admin/htdocs/
%{_datadir}/dialup_admin/html/
%{_datadir}/dialup_admin/lib/
%{_datadir}/dialup_admin/sql/
%dir %{_datadir}/dialup_admin/conf/
%config(noreplace) %{_datadir}/dialup_admin/conf/*
%dir %{apache2_sysconfdir}/conf.d
%config(noreplace) %{apache2_sysconfdir}/conf.d/radius.conf
%{_datadir}/dialup_admin/Changelog
%{_datadir}/dialup_admin/README
%files devel
%defattr(-,root,root)
%dir %attr(755,root,root) %{_includedir}/freeradius
%attr(644,root,root) %{_includedir}/freeradius/*.h
%files krb5
%{_libdir}/freeradius/rlm_krb5.so
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/krb5
%files perl
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/perl
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/perl
%{_sysconfdir}/raddb/mods-config/perl/example.pl
%{_libdir}/freeradius/rlm_perl.so
%files python
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/python
%{_sysconfdir}/raddb/mods-config/python/example.py*
%{_libdir}/freeradius/rlm_python.so
%files mysql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/counter/mysql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/counter/mysql/queries.conf
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/cui/mysql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/cui/mysql/queries.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/cui/mysql/schema.sql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool/mysql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool/mysql/queries.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool/mysql/schema.sql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool-dhcp/mysql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool-dhcp/mysql/queries.conf
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main/mysql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/mysql/setup.sql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/mysql/queries.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/mysql/schema.sql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main/mysql/extras
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main/mysql/extras/wimax
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/mysql/extras/wimax/queries.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/mysql/extras/wimax/schema.sql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main/ndb
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/ndb/setup.sql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/ndb/schema.sql
%{_sysconfdir}/raddb/mods-config/sql/main/ndb/README
%{_libdir}/freeradius/rlm_sql_mysql.so
%files postgresql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/counter/postgresql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/counter/postgresql/queries.conf
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/cui/postgresql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/cui/postgresql/queries.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/cui/postgresql/schema.sql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool/postgresql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool/postgresql/queries.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool/postgresql/schema.sql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql/setup.sql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql/queries.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql/schema.sql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql/extras
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql/extras/update_radacct_group.sql
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql/extras/voip-postpaid.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/postgresql/extras/cisco_h323_db_schema.sql
%{_libdir}/freeradius/rlm_sql_postgresql.so
%files sqlite
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/cui/sqlite
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/cui/sqlite/queries.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/cui/sqlite/schema.sql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool/sqlite
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool/sqlite/queries.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool/sqlite/schema.sql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/ippool-dhcp/sqlite
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/ippool-dhcp/sqlite/queries.conf
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/mods-config/sql/main/sqlite
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/sqlite/queries.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-config/sql/main/sqlite/schema.sql
%{_libdir}/freeradius/rlm_sql_sqlite.so
%files ldap
%{_libdir}/freeradius/rlm_ldap.so
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/mods-available/ldap
%changelog

1
freeradius-tmpfiles.conf Normal file
View File

@ -0,0 +1 @@
D /var/run/radiusd 0710 radiusd radiusd -

15
radiusd.service Normal file
View File

@ -0,0 +1,15 @@
[Unit]
Description=FreeRADIUS high performance RADIUS server.
After=syslog.target network.target
[Service]
Type=forking
PIDFile=/var/run/radiusd/radiusd.pid
ExecStartPre=-/bin/chown -R radiusd.radiusd /var/run/radiusd
ExecStartPre=/usr/sbin/radiusd -C
ExecStart=/usr/sbin/radiusd -d /etc/raddb
ExecReload=/usr/sbin/radiusd -C
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target