Dependencies of Freeradius 2.0.5

Leander S. leander.schaefer at gmx.net
Mon Jun 23 02:37:23 CEST 2008


Thank you very much for your work David!
But I rather want to compile it by myself, because:
a) I don't want to update all my ports, because than I am "supposed" to 
update my RELEASE version of FreeBSD to an STABLE version and reinstall 
all packages and re-check my configuration files in etc ... bla bla ... 
(it's a production server)
b) I might need to upgrade FreeRADIUServer in future ... and _only_ 
FreeRADIUServer .. so it might be a good exercise for me to get know 
about how to compile FreeRADIUServer and also of the dependencies I'll 
need in my case to be a little more independent and flexible of the 
provided binary packages of FreeBSD.

Best regards,
   Leander



David Wood schrieb:
> Hi Leander and all,
>
> In message <485A8CBB.3020505 at gmx.net>, Leander S. 
> <leander.schaefer at gmx.net> writes
>> Yes, thanks I understood this. But the Reason why I'm asking is, 
>> because I want to know about the version numbers which are required 
>> for example with snmp - because I use FreeBSD 7.0 RELEASE and there 
>> might be not the newst snmp software ready to install from the ports.
>
> The latest SNMP software is available in FreeBSD ports - well, very 
> nearly. net-mgmt/net-snmp is currently at version 5.4.1 whilst it 
> looks like Net SNMP version 5.4.1.2 has just been released.
>
> However, the issue with SNMP is not how new the SNMP software is! As 
> has been said, the SNMP code in FreeRADIUS has rotted; it's not 64 bit 
> safe, it uses the obsolescent smux protocol and it uses the ucd-snmp 
> API. The latter of these issues means FreeRADIUS's SNMP code only 
> works on FreeBSD against the obsolescent net-mgmt/net-snmp4 port, 
> which is UCD SNMP.
>
>
> The correct way ahead with the FreeRADIUS SNMP code is widely 
> acknowledged to be a rewrite using AgentX - however the new statistics 
> code may turn out to be a better option. I wonder if the current SNMP 
> code will be retired now that the statistics code is available.
>
>
> Rather than worrying about the dependencies, you could just install 
> the FreeBSD net/freeradius2 port. I've done all the work for you - 
> I've even provided an option to install every FreeRADIUS feature for 
> which the libraries are available in ports.
>
> The net/freeradius2 port isn't in 7.0-RELEASE - it missed the deadline 
> to be included. Even if it hadn't missed the deadline, it would have 
> been version 2.0.0.
>
> All you need to do is to bring your ports tree up to date via your 
> favourite method. 'portsnap fetch update' will do the job. At the 
> moment, the port is still 2.0.3 - there's been some configuration 
> management stuff to sort out that needs to go in the upgrade to 2.0.5.
>
>
> Once you have an up to date ports tree in /usr/ports, the following 
> commands should download and install a pre-release version of the 
> 2.0.5 port:
>
> cp -R /usr/ports/net/freeradius2 freeradius2
> fetch http://www.wood2.org.uk/freebsd/port-freeradius2-2.0.5.patch
> patch -sd freeradius2 -i ../port-freeradius2-2.0.5.patch && \
> find freeradius2 -name '*.orig' -delete
> ( cd freeradius2 ; make install )
>
> should do the job.
>
> I suggest copying and pasting those lines to a shell prompt. Note that 
> the last step almost certainly requires root privileges.
>
>
> If you did not already have a FreeRADIUS configuration in 
> /usr/local/etc/raddb, a copy of the sample configuration is made there 
> ready for your customisation and raddb/certs has been bootstrapped so 
> that the server is ready to go.
>
> Unless you deliberately disable the USER option, the server is 
> configured to use the freeradius user and freeradius group (the group 
> and user are created if necessary). This is recommended from a 
> security perspective.
>
> The port installs an rc.d script for radiusd.
>
> Finally, you'll get a message on screen giving you various useful 
> information including pointers to the documentation and the FreeRADIUS 
> Wiki.
>
>
> I hope that this latest version of the port is easier to get going 
> 'out of the box' than any previous version. Whilst it's a pre-release, 
> I've completed my testing on it tonight - the only task remaining is 
> to write up some documentation, then hopefully I can get it committed 
> to the ports tree.
>
>
> ** IMPORTANT **
>
> If you have an existing FreeRADIUS configuration, back up 
> /usr/local/etc/raddb *before* uninstalling the old FreeRADIUS port - 
> otherwise you will finish up with unmodified files being deleted from 
> your existing configuration and these files not being restored after 
> you install the 2.0.5 port.
>
> This is the issue that's delaying the upgrade until it's properly 
> documented. The behaviour of the port is being changed to prevent this 
> problem in the future.
>
> For more details, see
> http://www.freebsd.org/cgi/query-pr.cgi?pr=124439
>
>
> ** IMPORTANT **
>
> It is important to read /usr/ports/UPDATING after updating your ports 
> tree. If you haven't already been through this, there's been an update 
> to gettext that means many ports need rebuilding.
>
>
> Best wishes,
>
>
>
>
> David
> (FreeBSD port maintainer for FreeRADIUS)




More information about the Freeradius-Users mailing list