# # spec file for package freeradius-server # # Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: freeradius-server Version: 2.1.12 Release: 0 Summary: Very Highly Configurable Radius Server License: GPL-2.0 ; LGPL-2.1 Group: Productivity/Networking/Radius/Servers Url: http://www.freeradius.org/ Source: %{name}-%{version}.tar.bz2 Patch1: freeradius-server-2.1.6-dialup_admin.patch Patch2: freeradius-server-2.1.6-rcradiusd.patch Patch3: freeradius-server-2.1.6-codecleanup.patch Patch5: freeradius-server-2.1.6-overflow.patch Patch6: freeradius-server-sha1-default.patch Patch7: freeradius-server-fix-cert-bootstrap.patch Patch8: freeradius-server-initscript-pidfile.patch Patch9: freeradius-server-radius-reload-logrotate.patch # PATCH-FIX-UPSTREAM edirectory ldap extensions (bnc#720620) Patch11: freeradius-server-2.1.1-edirectory.patch # PATCH-FIX-SUSE use 'su' logrotate option (bnc#677335) Patch12: freeradius-server-2.1.1-logrotate_su.patch BuildRequires: apache2-devel BuildRequires: cyrus-sasl-devel BuildRequires: db-devel BuildRequires: gcc-c++ BuildRequires: gdbm-devel BuildRequires: gettext-devel BuildRequires: glibc-devel BuildRequires: krb5-devel BuildRequires: libcom_err-devel BuildRequires: libmysqlclient-devel BuildRequires: libpcap-devel BuildRequires: libtool BuildRequires: ncurses-devel BuildRequires: net-snmp-devel BuildRequires: openldap2-devel BuildRequires: openssl-devel BuildRequires: pam-devel BuildRequires: perl BuildRequires: postgresql-devel BuildRequires: python-devel BuildRequires: sqlite3-devel BuildRequires: unixODBC-devel BuildRequires: pkgconfig(apr-1) PreReq: %fillup_prereq PreReq: %insserv_prereq PreReq: coreutils PreReq: openssl PreReq: perl PreReq: pwdutils %define _oracle_support 0 %define apxs2 apxs2-prefork %define apache2_sysconfdir %(%{_sbindir}/%{apxs2} -q SYSCONFDIR) Requires: %{name}-libs = %{version} Requires: python Recommends: logrotate Provides: freeradius = %{version} Provides: radiusd Obsoletes: freeradius < %{version} BuildRoot: %{_tmppath}/%{name}-%{version}-build Conflicts: radiusd-livingston radiusd-cistron icradius %description The FreeRADIUS server has a number of features found in other servers and additional features not found in any other server. The server's features are: * Support for RFC and VSA attributes * Additional server configuration attributes * Selection of a particular configuration * Authentication methods * Accounting methods %if %_oracle_support == 1 %package oracle Summary: FreeRADIUS Oracle database support Group: Productivity/Networking/Radius/Servers BuildRequires: oracle-instantclient-basic BuildRequires: oracle-instantclient-devel Requires: %{name} = %{version} Requires: %{name}-libs = %{version} Requires: oracle-instantclient-basic %description oracle The FreeRADIUS server has a number of features found in other servers, and additional features not found in any other server. Rather than doing a feature by feature comparison, we will simply list the features of the server, and let you decide if they satisfy your needs. Support for RFC and VSA Attributes Additional server configuration attributes Selecting a particular configuration Authentication methods %endif %package libs Summary: FreeRADIUS shared library Group: Productivity/Networking/Radius/Servers %description libs The FreeRADIUS shared library %package utils Summary: FreeRADIUS Clients Group: Productivity/Networking/Radius/Clients Requires: %{name}-libs = %{version} %description utils The FreeRADIUS server has a number of features found in other servers and additional features not found in any other server. The server's features are: * Support for RFC and VSA attributes * Additional server configuration attributes * Selection of a particular configuration * Authentication methods * Accounting methods %package dialupadmin Summary: Web management for FreeRADIUS Group: Productivity/Networking/Radius/Servers Requires: http_daemon Requires: mod_php_any Requires: perl-Date-Manip Requires: php Requires: php-ldap Requires: php-mysql Requires: php-pgsql Requires: php-session %description dialupadmin Dialup Admin supports users either in SQL (MySQL or PostgreSQL are supported) or in LDAP. Apart from the web pages, it also includes a number of scripts to make the administrator's life a lot easier. %package devel Summary: FreeRADIUS Development Files (static libs) Group: Development/Libraries/C and C++ Requires: %{name}-libs = %{version} %description devel These are the static libraries for the FreeRADIUS package. %package doc Summary: FreeRADIUS Documentation Group: Productivity/Networking/Radius/Servers Requires: %{name} %description doc This package contains FreeRADIUS Documentation %prep %setup -q %patch1 %patch2 %patch3 %patch5 %patch6 -p1 %patch7 -p1 %patch8 -p1 %patch9 -p1 %patch11 -p0 %patch12 -p1 %build modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{_sourcedir}/%{name}.changes")" DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\"" TIME="\"$(date -d "${modified}" "+%%R")\"" find . -type f -regex ".*\.c\|.*\.cpp\|.*\.h" -exec sed -i "s/__DATE__/${DATE}/g;s/__TIME__/${TIME}/g" {} + # This package failed when testing with -Wl,-as-needed being default. # So we disable it here, if you want to retest, just delete this comment and the line below. export SUSE_ASNEEDED=0 export CFLAGS="%{optflags} -DLDAP_DEPRECATED -fstack-protector" %ifarch x86_64 ppc ppc64 s390 s390x %arm export CFLAGS="$CFLAGS -fPIC -DPIC" %endif export LDFLAGS="-pie" %configure \ --disable-static \ --with-pic \ --libdir=%{_libdir}/freeradius \ --disable-ltdl-install \ --enable-strict-dependencies \ --with-edir \ --with-experimental-modules \ --with-gnu-ld \ --with-system-libtool \ --with-udpfromto \ --without-rlm_eap_ikev2 \ --without-rlm_eap_tnc \ --with-rlm-krb5-lib-dir=%{_libdir} \ --without-rlm_opendirectory \ --without-rlm_sql_db2 \ --without-rlm_sql_firebird \ --without-rlm_sql_iodbc \ --without-rlm_ruby \ --without-rlm_redis \ --without-rlm_rediswho \ %if %{_oracle_support} == 1 --with-rlm_sql_oracle \ --with-oracle-lib-dir=%{_libdir}/oracle/10.1.0.3/client/lib/ %else --without-rlm_sql_oracle %endif # no parallel build possible make %install mkdir -p %{buildroot}%{_localstatedir}/lib/radiusd make install R=%{buildroot} INSTALLSTRIP= # modify default configuration RADDB=%{buildroot}%{_sysconfdir}/raddb perl -i -pe 's/^#user =.*$/user = radiusd/' $RADDB/radiusd.conf perl -i -pe 's/^#group =.*$/group = radiusd/' $RADDB/radiusd.conf perl -i -pe 's/^#user =.*$/user = radiusd/' $RADDB/radrelay.conf perl -i -pe 's/^#group =.*$/group = radiusd/' $RADDB/radrelay.conf /sbin/ldconfig -n %{buildroot}%{_libdir}/freeradius # logs touch %{buildroot}%{_localstatedir}/log/radius/radutmp touch %{buildroot}%{_localstatedir}/log/radius/radius.log # SuSE install -d %{buildroot}%{_sysconfdir}/pam.d install -d %{buildroot}%{_sysconfdir}/logrotate.d install -m 644 suse/radiusd-pam %{buildroot}%{_sysconfdir}/pam.d/radiusd install -m 644 suse/radiusd-logrotate %{buildroot}%{_sysconfdir}/logrotate.d/radiusd install -d -m 755 %{buildroot}%{_sysconfdir}/init.d install -m 744 suse/rcradiusd %{buildroot}%{_sysconfdir}/init.d/freeradius ln -sf ../..%{_sysconfdir}/init.d/freeradius %{buildroot}%{_sbindir}/rcfreeradius cp -al %{buildroot}%{_sbindir}/radiusd %{buildroot}%{_sbindir}/radrelay install -m 744 suse/rcradius-relayd %{buildroot}%{_sysconfdir}/init.d/freeradius-relay ln -sf ../..%{_sysconfdir}/init.d/freeradius-relay %{buildroot}%{_sbindir}/rcfreeradius-relay mv -v doc/README doc/README.doc # install dialup_admin DIALUPADMIN=%{buildroot}%{_datadir}/dialup_admin mkdir -p $DIALUPADMIN cp -r dialup_admin/* %{buildroot}%{_datadir}/dialup_admin # apache2 config install -d -m 755 %{buildroot}%{apache2_sysconfdir}/conf.d install -m 644 suse/admin-httpd.conf %{buildroot}%{apache2_sysconfdir}/conf.d/radius.conf # remove unneeded stuff rm -rf doc/00-OLD rm -f %{buildroot}%{_sbindir}/rc.radiusd rm -rf %{buildroot}%{_datadir}/doc/freeradius* rm -rf %{buildroot}%{_libdir}/freeradius/*.*a rm -f %{buildroot}%{_datadir}/dialup_admin/Makefile rm -f %{buildroot}%{_defaultdocdir}/%{name}/Makefile rm -f %{buildroot}%{_defaultdocdir}/%{name}/examples/Makefile %pre %{_sbindir}/groupadd -r radiusd 2> /dev/null || : %{_sbindir}/useradd -r -g radiusd -s /bin/false -c "Radius daemon" -d \ %{_localstatedir}/lib/radiusd radiusd 2> /dev/null || : %post # Generate default certificates if [ $1 -eq 1 ]; then /etc/raddb/certs/bootstrap fi chgrp radiusd /etc/raddb/certs/* %{fillup_and_insserv freeradius} %preun %stop_on_removal freeradius %postun %restart_on_update freeradius %{insserv_cleanup} %clean rm -rf %{buildroot} %files doc %defattr(-,root,root) %doc doc/* %files %defattr(-,root,root) # doc %doc suse/README.SuSE %doc COPYRIGHT CREDITS LICENSE README doc/ChangeLog # SuSE %{_sysconfdir}/init.d/freeradius %{_sysconfdir}/init.d/freeradius-relay %config %{_sysconfdir}/pam.d/radiusd %config %{_sysconfdir}/logrotate.d/radiusd %{_sbindir}/rcfreeradius %{_sbindir}/rcfreeradius-relay %dir %attr(755,radiusd,radiusd) %{_localstatedir}/lib/radiusd # configs %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb %defattr(-,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/dictionary %config(noreplace) %{_sysconfdir}/raddb/acct_users %config(noreplace) %{_sysconfdir}/raddb/attrs %config(noreplace) %{_sysconfdir}/raddb/attrs.access_reject %config(noreplace) %{_sysconfdir}/raddb/attrs.accounting_response %config(noreplace) %{_sysconfdir}/raddb/attrs.pre-proxy %config(noreplace) %{_sysconfdir}/raddb/attrs.access_challenge %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/clients.conf %config(noreplace) %{_sysconfdir}/raddb/hints %config(noreplace) %{_sysconfdir}/raddb/huntgroups %config(noreplace) %{_sysconfdir}/raddb/ldap.attrmap %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sqlippool.conf %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/preproxy_users %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/proxy.conf %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/radiusd.conf %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql.conf %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/modules %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/modules/* %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/mssql %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/mysql %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/oracle %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/postgresql %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/ndb %{_sysconfdir}/raddb/sql/ndb/README %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql/*/*.conf %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql/*/*.sql %{_sysconfdir}/raddb/sql/oracle/msqlippool.txt %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/users %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/experimental.conf %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/certs %{_sysconfdir}/raddb/certs/Makefile %{_sysconfdir}/raddb/certs/README %{_sysconfdir}/raddb/certs/xpextensions %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/certs/*.cnf %attr(750,root,radiusd) %{_sysconfdir}/raddb/certs/bootstrap %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sites-available %attr(640,root,radiusd) %{_sysconfdir}/raddb/sites-available/* %dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sites-enabled %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-enabled/* %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/eap.conf %attr(640,root,radiusd) %{_sysconfdir}/raddb/example.pl %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.conf %{_sysconfdir}/raddb/policy.txt %attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/templates.conf %attr(700,radiusd,radiusd) %dir %ghost %{_localstatedir}/run/radiusd/ # binaries %defattr(-,root,root) %{_sbindir}/checkrad %{_sbindir}/radiusd %{_sbindir}/radmin %{_sbindir}/radrelay %{_sbindir}/radwatch %{_sbindir}/raddebug # man-pages %doc %{_mandir}/man5/* %doc %{_mandir}/man8/* # dictionaries %attr(755,root,root) %dir %{_datadir}/freeradius %{_datadir}/freeradius/* # logs %attr(700,radiusd,radiusd) %dir %{_localstatedir}/log/radius/ %attr(700,radiusd,radiusd) %dir %{_localstatedir}/log/radius/radacct/ %attr(644,radiusd,radiusd) %{_localstatedir}/log/radius/radutmp %config(noreplace) %attr(600,radiusd,radiusd) %{_localstatedir}/log/radius/radius.log # RADIUS Loadable Modules %attr(755,root,root) %dir %{_libdir}/freeradius %attr(755,root,root) %{_libdir}/freeradius/rlm_*.so* %files utils %defattr(-,root,root) %doc %{_mandir}/man1/* %{_bindir}/* %files libs %defattr(-,root,root) # RADIUS shared libs %attr(755,root,root) %dir %{_libdir}/freeradius %attr(755,root,root) %{_libdir}/freeradius/lib*.so* %if %{_oracle_support} == 1 %files oracle %defattr(-,radiusd,radiusd) %attr(755,root,root) %dir %{_libdir}/freeradius %attr(755,root,root) %{_libdir}/freeradius/rlm_sql_oracle*.so* %endif %files dialupadmin %defattr(-,root,root) %dir %{_datadir}/dialup_admin/ %{_datadir}/dialup_admin/bin/ %{_datadir}/dialup_admin/doc/ %{_datadir}/dialup_admin/htdocs/ %{_datadir}/dialup_admin/html/ %{_datadir}/dialup_admin/lib/ %{_datadir}/dialup_admin/sql/ %dir %{_datadir}/dialup_admin/conf/ %config(noreplace) %{_datadir}/dialup_admin/conf/* %config(noreplace) %{apache2_sysconfdir}/conf.d/radius.conf %{_datadir}/dialup_admin/Changelog %{_datadir}/dialup_admin/README %files devel %defattr(-,root,root) %dir %attr(755,root,root) %{_includedir}/freeradius %attr(644,root,root) %{_includedir}/freeradius/*.h %changelog