building freeradius 1.1.0 suse rpm
Nicolas Baradakis
nbk at sitadelle.com
Sat Jan 14 16:14:54 CET 2006
Wolfgang Rosenauer wrote:
> I have attached an archive of current specfile and our incorporated
> patches.
Thankyou. I don't really care for Suse package but I made a diff
between the specfiles out of curiosity. I noticed a few things,
though they're just minor details.
> # spec file for package freeradius (Version 1.0.5)
It's 1.1.0.
> Source3: radqkstart.pdf
> Source4: radadmin.pdf
You didn't provide these files. Are they licensed under the GNU FDL?
Perhaps in the CVS we need a modifed version of freeradius.spec which
doesn't use them.
> --with-threads \
> --with-thread-pool \
> --with-snmp \
The options "with-threads" and "with-snmp" are already to yes by
default, thus not needed. And I think the option "with-thread-pool"
doesn't exist. (I can't find it in 1.1.0)
I'd suggest to add the option "with-udpfromto". On a system with multiple
IP addresses, it ensures that replies come from the same address as
the request arrived at. This option is in the Debian package for a long
time.
> %attr(755,root,root) %dir /usr/lib/freeradius
> #%attr(755,root,root) /usr/lib/freeradius/*.so*
> /usr/lib/freeradius/libeap*.so
> /usr/lib/freeradius/libradius*.so
> /usr/lib/freeradius/rlm_acct_unique*.so
> /usr/lib/freeradius/rlm_always*.so
> [...]
Is it necessary to list every module? If a user edit the module list
and rebuild a package for himself it may not work.
I think this line would be better. (but perhaps I'm wrong)
%attr(755,root,root) /usr/lib/freeradius/*.so*
> Some short description for the patches:
>
> dialup_admin.patch:
> just change path names
>
> lib64.patch:
> (dirty) workaround for building some modules on biarch platforms
I think the first two should be added to the suse/ dir, so a user can
do a "rpmbuild" and it works out of the box.
> ltdl.patch:
> try *.so shared libs before any other libtool stuff
I've no idea why this workaround is necessary.
> pie.patch:
> link radiusd with -pie flag for some security improvement
It's not mandatory to make the server work, but perhaps it could
be added to the suse/ dir, too.
--
Nicolas Baradakis
More information about the Freeradius-Devel
mailing list