Thank you very much for your work David!
But I rather want to compile it by myself, because:
a) I don't want to update all my ports, because than I am "supposed" to
update my RELEASE version of FreeBSD to an STABLE version and reinstall
all packages and re-check my configuration files in etc ... bla bla ...
(it's a production server)
b) I might need to upgrade FreeRADIUServer in future ... and _only_
FreeRADIUServer .. so it might be a good exercise for me to get know
about how to compile FreeRADIUServer and also of the dependencies I'll
need in my case to be a little more independent and flexible of the
provided binary packages of FreeBSD.
Best regards,
Leander
David Wood schrieb:
Hi Leander and all,
In message <[EMAIL PROTECTED]>, Leander S.
<[EMAIL PROTECTED]> writes
Yes, thanks I understood this. But the Reason why I'm asking is,
because I want to know about the version numbers which are required
for example with snmp - because I use FreeBSD 7.0 RELEASE and there
might be not the newst snmp software ready to install from the ports.
The latest SNMP software is available in FreeBSD ports - well, very
nearly. net-mgmt/net-snmp is currently at version 5.4.1 whilst it
looks like Net SNMP version 5.4.1.2 has just been released.
However, the issue with SNMP is not how new the SNMP software is! As
has been said, the SNMP code in FreeRADIUS has rotted; it's not 64 bit
safe, it uses the obsolescent smux protocol and it uses the ucd-snmp
API. The latter of these issues means FreeRADIUS's SNMP code only
works on FreeBSD against the obsolescent net-mgmt/net-snmp4 port,
which is UCD SNMP.
The correct way ahead with the FreeRADIUS SNMP code is widely
acknowledged to be a rewrite using AgentX - however the new statistics
code may turn out to be a better option. I wonder if the current SNMP
code will be retired now that the statistics code is available.
Rather than worrying about the dependencies, you could just install
the FreeBSD net/freeradius2 port. I've done all the work for you -
I've even provided an option to install every FreeRADIUS feature for
which the libraries are available in ports.
The net/freeradius2 port isn't in 7.0-RELEASE - it missed the deadline
to be included. Even if it hadn't missed the deadline, it would have
been version 2.0.0.
All you need to do is to bring your ports tree up to date via your
favourite method. 'portsnap fetch update' will do the job. At the
moment, the port is still 2.0.3 - there's been some configuration
management stuff to sort out that needs to go in the upgrade to 2.0.5.
Once you have an up to date ports tree in /usr/ports, the following
commands should download and install a pre-release version of the
2.0.5 port:
cp -R /usr/ports/net/freeradius2 freeradius2
fetch http://www.wood2.org.uk/freebsd/port-freeradius2-2.0.5.patch
patch -sd freeradius2 -i ../port-freeradius2-2.0.5.patch && \
find freeradius2 -name '*.orig' -delete
( cd freeradius2 ; make install )
should do the job.
I suggest copying and pasting those lines to a shell prompt. Note that
the last step almost certainly requires root privileges.
If you did not already have a FreeRADIUS configuration in
/usr/local/etc/raddb, a copy of the sample configuration is made there
ready for your customisation and raddb/certs has been bootstrapped so
that the server is ready to go.
Unless you deliberately disable the USER option, the server is
configured to use the freeradius user and freeradius group (the group
and user are created if necessary). This is recommended from a
security perspective.
The port installs an rc.d script for radiusd.
Finally, you'll get a message on screen giving you various useful
information including pointers to the documentation and the FreeRADIUS
Wiki.
I hope that this latest version of the port is easier to get going
'out of the box' than any previous version. Whilst it's a pre-release,
I've completed my testing on it tonight - the only task remaining is
to write up some documentation, then hopefully I can get it committed
to the ports tree.
** IMPORTANT **
If you have an existing FreeRADIUS configuration, back up
/usr/local/etc/raddb *before* uninstalling the old FreeRADIUS port -
otherwise you will finish up with unmodified files being deleted from
your existing configuration and these files not being restored after
you install the 2.0.5 port.
This is the issue that's delaying the upgrade until it's properly
documented. The behaviour of the port is being changed to prevent this
problem in the future.
For more details, see
http://www.freebsd.org/cgi/query-pr.cgi?pr=124439
** IMPORTANT **
It is important to read /usr/ports/UPDATING after updating your ports
tree. If you haven't already been through this, there's been an update
to gettext that means many ports need rebuilding.
Best wishes,
David
(FreeBSD port maintainer for FreeRADIUS)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
