Newbie: General Questions About Installation

Paul Hampson Paul.Hampson at PObox.com
Tue Aug 9 08:00:50 CEST 2005


On Sat, Aug 06, 2005 at 02:09:59PM -0700, Kris Benson wrote:
> FreeRadius users mailing list <freeradius-users at lists.freeradius.org> on
> August 6, 2005 at 00:25 -0800 wrote:
> >in console just type apt-get install freeradius   or use synaptic package 
> >managed (x windows / gnome ) and do a search for Freeradius.   that will 
> >install and create the user/group freerad  and put all the files in their 
> >appropriate place.
> >
> >once thats done your configuration files will be in /etc/freeradius    
> >edit 
> >radiusd.conf to your liking & clients.conf etc 

> There's one major issue with the Debian freeradius package -- any module
> that requires hooks to OpenSSL is not included due to some legal issue. 
> This includes eap_tls, eap_ttls, eap_peap, etc.

> The compile-from-source solution works well -- you just need to apt-get
> install these:
> libmysqlclient14-dev
> libldap2-dev (if you want LDAP support)
> libssl-dev

(When you're dpkg-buildpackaging, it should tell you what you're
missing. If there's something you need that's not listed, please let
me know, as it's a particularly nasty bug that needs fixing.)

If you're compilling from source for Debian (either upstream or the
Debian archives) and want EAP-TLS you'll need the patch from FreeRADIUS
bug #75 (Attachment id=77, right down the bottom).

Other OpenSSL depending stuff (rlm_sql_postgres and SNMP agent support
come to mind) doesn't need this patch. It's just for crosslinking in
rlm_eap, and will be going into the next Debian version, and the debian/
directory of 1.0.5 if either occurs.

I'd recommend using the upstream tarball, as the version in the Debian
archive explicitly disables OpenSSL support, the upstream tarball will
detect it and use it if it's there.

If you want the latest debian/ directory with less mucking about and
without OpenSSL disabled, you can check out the latest Debian release
(the CVS tag escapes me. debian_1_0_4_2 I think) to get pretty much
exactly what's in Debian, but without the SSL disabled. You can check
the Debian changelog for 1.0.4-2 [1] to see if there's anything you need
compared to 1.0.4-0 (the upstream release). You'll need to check out
release_1_0_4 first, then go into debian/ and cvs update -r
debian_1_0_4_2 or whatever the tag is. (Check CVSWeb. ^_^)

[1] http://packages.debian.org/changelogs/pool/main/f/freeradius/freeradius_1.0.4-2/changelog

-- 
Paul "TBBle" Hampson, on an alternate email client.



More information about the Freeradius-Users mailing list