On 02/13/2013 04:03 AM, Jamie Lee wrote:
Hello,

I’ve just completed the configuration of a 2.1.10 free radius server on
CentOS 6.2 and want to upgrade to FR 2.2.x to remove the vulnerability.
Does anyone have a guide or any advice on what I need to do and back up
in order to ensure that I don’t lose any of my site specific settings? I
have configured it to work with AD using NTLM_Auth and Samba.

Red Hat has shipped the 2.1.12-4 RPM with the CVE fix applied, not sure if CentOS has kept up. We have not shipped 2.2 for RHEL 6. You'll either have to build an RPM (see http://wiki.freeradius.org/guide/Red-Hat-FAQ for how to do that) or build from the tarball.

All the configuration is under /etc/raddb; make sure that's backed up. As a general rule it's good practice to put your configuration files under source code control anyway.

If you use an RPM to update, configuration files you've modified will be moved to .rpmsave; look for those after the install completes and adjust accordingly. If memory serves me correctly, 2.2.x has logic in it that ignores .rpmnew, .rpmsave, .bak, ~, apt files, etc., so their presence won't cause problems like they used to. Running rpm freeradius -qV before installing will verify the installed files and tell you any you've modified. If you install via "make install" nothing will be preserved.

Any other data stored in your backends (e.g. SQL, LDAP) shouldn't be affected and you're on your own to back that up anyway.

HTH,

John

--
John Dennis <[email protected]>

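The backup and post-install check described in the reply above, as a shell sketch. This is an added example, not part of the original message or of FreeRADIUS; the function names and the archive path are hypothetical, and it assumes the configuration tree holds secrets (such as RADIUS client shared secrets), so the archive is created owner-only.

```shell
#!/bin/sh
# Added example (hypothetical helper names), not from the thread or the project.

# snapshot_config DIR ARCHIVE
# Archive the config tree before upgrading. umask 077 keeps the archive
# readable by its owner only, since the tree is assumed to contain secrets.
snapshot_config() {
    ( umask 077 && tar -C "$(dirname "$1")" -czf "$2" "$(basename "$1")" )
}

# find_rpm_leftovers DIR
# After the RPM upgrade, print one line per leftover: "<kind> <status> <live path>"
#   kind:   rpmsave (your modified file, moved aside) or rpmnew (packaged copy)
#   status: same    (leftover is identical to the live file, safe to delete)
#           differs (settings need to be merged by hand)
#           orphan  (no live file with that name exists any more)
find_rpm_leftovers() {
    [ -d "$1" ] || { echo "not a directory: $1" >&2; return 2; }
    find "$1" -type f \( -name '*.rpmsave' -o -name '*.rpmnew' \) -exec sh -c '
        for leftover do
            kind=${leftover##*.}     # suffix after the last dot
            live=${leftover%.*}      # path with that suffix removed
            if [ ! -e "$live" ]; then status=orphan
            elif cmp -s "$leftover" "$live"; then status=same
            else status=differs
            fi
            printf "%s %s %s\n" "$kind" "$status" "$live"
        done' sh {} + | sort
}

# When run as a script with a directory argument, report on that directory,
# e.g.:  sh leftovers.sh /etc/raddb
if [ "$#" -gt 0 ]; then find_rpm_leftovers "$1"; fi
```

Lines reported as `differs` are the ones where site-specific settings still have to be carried across by hand.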