On 9/17/02 5:55 AM, "Alan DeKok" <[EMAIL PROTECTED]> wrote:
> Philip Kearney <[EMAIL PROTECTED]> wrote:
>
>> I set cache = no in radiusd.conf and then did radiusd -X
>
> No, that won't help. You should also comment out the 'passwd',
> 'shadow', and 'group' configurations, too.
That works! :-)
No seg-fault anymore and running radtest returns the proper Access-Accept or
Access-Reject messages for unknown users versus those defined on the
machine.
So basically it works great now! yay! :-)
And now to summarise for anyone wanting to get it up and running on MacOS X:
----------
0) download, unzip and untar freeradius.tar.gz
1) $ ./configure --disable-shared (So static libraries are built)
2) Modify ./src/include/sysutmp.h to #undef HAVE_UTMP_H
3) Modify ./src/modules/rlm_pam/rlm_pam.c to change the include directive
from #include <security/pam_appl.h> to #include <pam/pam_appl.h>
4) Modify ./src/modules/rlm_sql/drivers/rlm_sql_iodbc/sql_iodbc.c, line 214
to change the return type of that function to SQL_ROW so it matches the
function prototype in sql_iodbc.h. One could also instead change the return
type to int in the header file sql_iodbc.h.
5) $ cd ./src
6) $ make
7) $ make install
8) Modify radiusd.conf as follows:
In the unix section:
8a) set "cache = no"
8b) set "cache_reload = 0"
8c) COMMENT OUT the "passwd =", "shadow =", and "group =" lines.
8d) Save changes and exit whatever editor you used to edit radiusd.conf.
9) Now run radiusd -X and test things out with radtest.
10) Assuming everything works, set up your clients.conf and other config
files as appropriate to suit your needs and set radiusd to run on boot and
you're done.
You now have FreeRADIUS running under MacOS X.
*Note: I did all of my ./configure and make, etc. under sudo.
----------
As far as the mods I had to do, the config scripts should probably be
modified so that the default is static libraries when compiling under MacOS
X. Also the config stuff should explicitly make sure that HAVE_UTMP_H is
NOT defined when compiling under MacOS X.
Then in rlm_pam.c someone can add an #if defined(MacOSX) or something
(whatever the makefile guys decide to define for when one is compiling on a
Mac) so that you have:
#if !defined(MacOSX)
#include <security/pam_appl.h>
#else /* MacOS X puts pam_appl.h in a different directory */
#include <pam/pam_appl.h>
#endif
The last one in sql_iodbc.c/sql_iodbc.h is just a bug which should be caught
by more compilers. The function returns an int not a SQL_ROW, it's plain to
see when looking at the source. The header file sql_iodbc.h should be
corrected so the function prototype matches the function definition in the
source file.
With those simple mods to configure and two source files, MacOS X users
should be able to do like everyone else, ./configure; make; make install and
have FreeRADIUS running easily on any Mac booting MacOS X.
If someone then adds comments to radiusd.conf telling MacOS X users to set
cache to no and comment out the passwd, shadow, and group lines. No one
trying to get radiusd to a testable state under MacOS X should have any
problems.
If/When the above changes are made so it just compiles and works on MacOS X,
let me know via e-mail and I'll download that rev of the source and test the
changes out.
That's about it. FreeRADIUS works for me and I'm happy now. :-)
All the best,
PK
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
