On Sep 9, 2017, at 12:11 AM, Fajar A. Nugraha <list@fajar.net> wrote:
I think the problem arise because users see the debian directory, and expect to build it successfully (i.e. following https://wiki.freeradius.org/building/Debian-and-Ubuntu). But that fails for debian 9.
I can't feel overly responsible for distributions which break application software. There's really no other way to describe this. They've added patches to Debian after 3.0.15 was released, and those patches break *all* versions of FreeRADIUS.
IMHO some possible options are: (a) add some instructions (e.g. on https://wiki.freeradius.org/building/Debian-and-Ubuntu), something like 'if you're absolutely sure you're using patched/non-vulnerable versions of openssl, then you can edit these files manually, but don't complain if it's broken", and so on. And point any debian-package-related queries there. OR
I've pushed patches to v3.0.x which should help. I'll see if I can add notes to the wiki.
(b) someone who cares-enough about having latest FR runs on debian need to find better check methods (e.g. add versions known as safe, etc). Possibly still include some instructions on the wiki (if user still need to edit config files manually to remove additional version checks). OR
We'll try to get automated builds set up... right now, we're up to a backlog of ~10-20 systems that people want.
(c) a volunteer steps up to maintain latest (unofficial) FR packages for debian, to make it easier for other debian users. You could even use github to host the repository, so no need to maintain your own server. You'd basically just need time to maintain it.
People don't care about RADIUS. :( Maybe that will change once we add DNS to the server in v4. Alan DeKok.