Dependencies of Freeradius 2.0.5
david at wood2.org.uk
Sat Jun 21 05:34:04 CEST 2008
Hi Leander and all,
In message <485A8CBB.3020505 at gmx.net>, Leander S.
<leander.schaefer at gmx.net> writes
>Yes, thanks I understood this. But the Reason why I'm asking is,
>because I want to know about the version numbers which are required for
>example with snmp - because I use FreeBSD 7.0 RELEASE and there might
>be not the newst snmp software ready to install from the ports.
The latest SNMP software is available in FreeBSD ports - well, very
nearly. net-mgmt/net-snmp is currently at version 5.4.1 whilst it looks
like Net SNMP version 126.96.36.199 has just been released.
However, the issue with SNMP is not how new the SNMP software is! As has
been said, the SNMP code in FreeRADIUS has rotted; it's not 64 bit safe,
it uses the obsolescent smux protocol and it uses the ucd-snmp API. The
latter of these issues means FreeRADIUS's SNMP code only works on
FreeBSD against the obsolescent net-mgmt/net-snmp4 port, which is UCD
The correct way ahead with the FreeRADIUS SNMP code is widely
acknowledged to be a rewrite using AgentX - however the new statistics
code may turn out to be a better option. I wonder if the current SNMP
code will be retired now that the statistics code is available.
Rather than worrying about the dependencies, you could just install the
FreeBSD net/freeradius2 port. I've done all the work for you - I've even
provided an option to install every FreeRADIUS feature for which the
libraries are available in ports.
The net/freeradius2 port isn't in 7.0-RELEASE - it missed the deadline
to be included. Even if it hadn't missed the deadline, it would have
been version 2.0.0.
All you need to do is to bring your ports tree up to date via your
favourite method. 'portsnap fetch update' will do the job. At the
moment, the port is still 2.0.3 - there's been some configuration
management stuff to sort out that needs to go in the upgrade to 2.0.5.
Once you have an up to date ports tree in /usr/ports, the following
commands should download and install a pre-release version of the 2.0.5
cp -R /usr/ports/net/freeradius2 freeradius2
patch -sd freeradius2 -i ../port-freeradius2-2.0.5.patch && \
find freeradius2 -name '*.orig' -delete
( cd freeradius2 ; make install )
should do the job.
I suggest copying and pasting those lines to a shell prompt. Note that
the last step almost certainly requires root privileges.
If you did not already have a FreeRADIUS configuration in
/usr/local/etc/raddb, a copy of the sample configuration is made there
ready for your customisation and raddb/certs has been bootstrapped so
that the server is ready to go.
Unless you deliberately disable the USER option, the server is
configured to use the freeradius user and freeradius group (the group
and user are created if necessary). This is recommended from a security
The port installs an rc.d script for radiusd.
Finally, you'll get a message on screen giving you various useful
information including pointers to the documentation and the FreeRADIUS
I hope that this latest version of the port is easier to get going 'out
of the box' than any previous version. Whilst it's a pre-release, I've
completed my testing on it tonight - the only task remaining is to write
up some documentation, then hopefully I can get it committed to the
** IMPORTANT **
If you have an existing FreeRADIUS configuration, back up
/usr/local/etc/raddb *before* uninstalling the old FreeRADIUS port -
otherwise you will finish up with unmodified files being deleted from
your existing configuration and these files not being restored after you
install the 2.0.5 port.
This is the issue that's delaying the upgrade until it's properly
documented. The behaviour of the port is being changed to prevent this
problem in the future.
For more details, see
** IMPORTANT **
It is important to read /usr/ports/UPDATING after updating your ports
tree. If you haven't already been through this, there's been an update
to gettext that means many ports need rebuilding.
(FreeBSD port maintainer for FreeRADIUS)
david at wood2.org.uk
More information about the Freeradius-Users