On Mon, Jan 17, 2011 at 12:36:54PM -0800, Christ Schlacta wrote:
I've got a radius server up and running, and I want to clean up my configuration as much as possible. is it a safe assumption that if I remove a file (actually move it out of the way) and attempt to authenticate a client that if the client can successfully authenticate that everything is working? is it also safe to assume that any file with no uncommented lines is also safe to remove? I'm most interrested in removing the SQL directories and all the unused modules in the modules directory.
It is perfectly possible to weed out everything that is not needed - but to determine what is not needed simply by ad hoc testing wouldn't necessarily be possible, because there's always the possiblity that you wouldn't be testing some missing parts of the configuration that are tested by some other process. People seem to have thrown around a fair bit of FUD in this thread, but that's probably because your proposed method seems so shaky. An example for the "removal" of SQL directories is in the Debian FR packages where the SQL bits are split out in several separate packages. So e.g. people who don't install freeradius-mysql also don't get the module's .so files or configuration fragments, at all. Yet, we never weeded out other modules and settings because the overhead seemed negligible - the amount of extra libraries or instantiation work for most modules is not considerable. So if you really need to fit FR e.g. into an embedded environment, and you have your use cases very well defined, it might make sense to bother. Otherwise, there are probably more worthwhile things to do :) -- 2. That which causes joy or happiness.