Hello John -
An alternative approach that I always use is to keep all versions of Radiator
in separate source directories, and run radiusd from the corresponding source
directory when testing and in production.
Ie. here is my source repository:
TiTi:Radiator hugh$ pwd
/Local/src/Radiator
TiTi:Radiator hugh$ ls
EAP-SIM Radiator-3.14.tgz
Radiator-3.9.save Radiator-4.4.tgz
Radiator-Locked-3.17.1
Live CD Radiator-3.15
Radiator-3.9.tgz Radiator-4.5
Radiator-Locked-3.17.1.tgz
Radiator Radiator-3.15.tgz Radiator-4.0
Radiator-4.5.1 Radiator-Locked-4.2
Radiator-3.10 Radiator-3.16
Radiator-4.0.tgz Radiator-4.5.1.tgz
Radiator-Locked-4.2.tgz
Radiator-3.10.tar.gz Radiator-3.16.tgz
Radiator-4.0alpha Radiator-4.5.tgz
Radiator-Locked-4.6
Radiator-3.11 Radiator-3.17
Radiator-4.0alpha.tgz Radiator-4.6
Radiator-Locked-4.6.tgz
Radiator-3.11.hugh Radiator-3.17.1
Radiator-4.0beta Radiator-4.6.save
Radiator-Locked-4.7
Radiator-3.11.save Radiator-3.17.1.save
Radiator-4.0beta.tgz Radiator-4.6.save.2
Radiator-Locked-4.7.tgz
Radiator-3.11.tgz Radiator-3.17.1.tgz Radiator-4.1
Radiator-4.6.tgz Radius-EAP-SIM
Radiator-3.11.xxx Radiator-3.17.tgz
Radiator-4.1.tgz Radiator-4.7
Radius-EAP-SIM-1.16
Radiator-3.12 Radiator-3.6 Radiator-4.2
Radiator-4.7.pt Radius-EAP-SIM-1.16.tgz
Radiator-3.12.tgz Radiator-3.6.tgz
Radiator-4.2.tgz Radiator-4.7.tgz
Radius-EAP-SIM-1.17
Radiator-3.13 Radiator-3.7.1 Radiator-4.3
Radiator-4.8 Radius-EAP-SIM-1.17.tgz
Radiator-3.13-1.noarch.rpm Radiator-3.7.1.tar Radiator-4.3.1
Radiator-4.8.tgz Radius-EAP-SIM-1.30
Radiator-3.13.save Radiator-3.8
Radiator-4.3.1.tgz Radiator-4.9
Radius-EAP-SIM-1.30.tgz
Radiator-3.13.tgz Radiator-3.8.tar
Radiator-4.3.tgz Radiator-4.9.tgz
Radius-EAP-SIM-Cisco-ITP.tgz
Radiator-3.14 Radiator-3.9 Radiator-4.4
Radiator-Demo-3.9 WFA
Radiator-3.14.save Radiator-3.9.hugh
Radiator-4.4.save.for.now Radiator-Demo-3.9.tar
Then, to run Radiator-4.9 for example:
cd Radiator-4.9
perl radiusd -foreground -log_stdout -trace 4 -config_file some.config
…..
Obviously, "some.config" is local to the source directory of the version of
Radiator I am testing, and it will use different port numbers, log files and so
on.
I use the same technique in production environments with the startup scripts
referencing a particular source direcory.
This allows me to both do testing safely and to change versions in production
in a safe manner and if necessary I can always go back to a previous version
just by pointing to a different source directory.
NB: When installing new versions of Radiator in my source repository, I **do
not** do "make install", which keeps the Perl file hierarchy free from Radiator
source files. This also allows the use of different versions of Perl which is
advantageous in some environments. In my case I have 5 or 6 different versions
of Perl on my machine for testing and this allows me to do so in a safe and
simple manner.
Hope that helps.
regards
Hugh
On 12 Jan 2012, at 08:12, Heikki Vatiainen wrote:
> On 01/11/2012 09:46 PM, John Goubeaux wrote:
>
>> I have a basic "best practices" question on how I might best run a
>> separate "development" ver of radiator for testing without impacting
>> a production instance on my network.
>
>> Can I, and should I do this on the same host running the production
>> radiusd ? Meaning can I safely run another instance that points to
>> fresh config file and have it run on an alternate port ?
>
> Yes, this is possible. Just see that log and pid file names etc. do not
> overlap. Read-only files, such as dictionary, can of course be shared.
> With careful configuration you should not have problems.
>
> One common case is to have a separate authentication and accounting
> instance. So besides testing, multiple instances can be run for separate
> functionality and/or load balancing purposes too.
>
>> I'd like to
>> do some testing for a development wireless domain and minimize the
>> impact on any current production use of radiator and would prefer not
>> to have to do it on another box IF I can do so with no impact to
>> production use.
>
> I see no problem doing this. One option might be to run the instances
> under different uids and groups. If the test instance tries to e.g.,
> write to wrong log file, the file permissions should stop it causing any
> actual harm.
>
> Thanks!
> Heikki
>
> --
> Heikki Vatiainen <[email protected]>
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
> NetWare etc.
> _______________________________________________
> radiator mailing list
> [email protected]
> http://www.open.com.au/mailman/listinfo/radiator
--
Hugh Irvine
[email protected]
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc.
Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
_______________________________________________
radiator mailing list
[email protected]
http://www.open.com.au/mailman/listinfo/radiator
