FreeRADIUS FreeBSD port

David Wood david at wood2.org.uk
Mon Jan 22 01:55:00 CET 2007


Hi Alan and everyone,

In message <45B1CA60.5040200 at deployingradius.com>, Alan DeKok 
<aland at deployingradius.com> writes
>David Wood wrote:
>> I am the maintainer of the FreeBSD FreeRADIUS port starting from version
>> 1.1.3. It's probably about time I revealed myself here.
>
>  Thanks.  There's been the occasional question.  Having an authority
>here is useful.

I'll do my best - having taken on the port, I'll do my best to support 
it properly.


>> As is usual for a FreeBSD port (see the FreeBSD Porter's Handbook,
>> section 7.2), the port installs the sample FreeRADIUS configuration, but
>> the name of each file has a suffix, in this case .sample. This is to
>> stop port upgrades, or deinstall/reinstalls, from wiping your
>> hand-crafted configuration.
>
>  But the FreeRADIUS make files do that already...  Yes, I know not all
>projects are that smart, but still...

I know.


>> In the case of FreeRADIUS, assuming you don't set PREFIX explicitly to
>> something else, the default configuration files go in
>> /usr/local/etc/raddb, suffixed with .sample - so
>> /usr/local/etc/raddb/radiusd.conf.sample and so on.
>
>  That's awkward.  Especially because the sample configs *work* out of
>the box.  That's the whole point of the sample configs.  And worse,
>there are a number of files that need to be set up properly before the
>server runs, which makes copying the sample files even more work.
>
>  Could you update the port to install the files if they don't already
>exist?

I didn't design the port, I merely inherited what is already there. I 
agree that the behaviour to date was less than helpful, so I've made the 
necessary changes to the port and have submitted them.

See FreeBSD PR ports/108196 at
<http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/108196> for a 
description of the new behaviour and the patch that I hope will be 
committed soon.


I've fixed a few minor problems whilst I was there. I've no idea when 
one of the committers will pick this up and commit it to the CVS, but 
usually updates from maintainers are committed within a few days. Anyone 
that uses the recommended portsnap(1) tool in recent versions of FreeBSD 
will then pick up the revised port.



I updated the port to 1.1.2 before taking the maintainership. I took the 
maintainership when updating it to 1.1.3, and I have subsequently 
updated the port to 1.1.4.


As well as the version updates and today's batch of changes, I have 
also:

* tossed out an obsolete source patch that changed the MSCHAP behaviour, 
and documented with_ntdomain_hack as its replacement when necessary. 
With this done, the functionality of the port matches the code released 
by the FreeRADIUS project as the only patches the port applies are build 
related.

* added various FreeRADIUS features to the port.

* added an option to disable rlm_perl and the dependency on perl 
(particularly for someone wanting to build FreeRADIUS for a Soekris 
board or similar and not wanting all the extra weight of perl).

* updated the package description to the text from the FreeRADIUS home 
page (as the INTRO section of doc/README that was previously used is a 
bit crufty, also the original description had a reference to the 
obsolete livingston mailing list included). See 
<http://www.freshports.org/net/freeradius/>


I'm not saying that I've got everything yet, but I think the port is now 
in good shape. If anyone wants to suggest further changes, or audits the 
port and finds any problems, I'm listening. Patches are particularly 
welcome, of course.



Best wishes,




David
-- 
David Wood
david at wood2.org.uk



More information about the Freeradius-Users mailing list