Authenticating groups via LDAP

Josip Rodin joy at entuzijast.net
Sat May 22 10:34:45 CEST 2010


On Fri, May 21, 2010 at 05:19:55PM -0400, John Dennis wrote:
>> I just figured this part out.  The radiusd.conf file has an Include
>> /etc/freeradius/modules statement, and there was a file in the modules
>> directory called ldap.dpkg-old in that directory that was overiding the
>> ldap config file.  That doesn't mean everything works, but at least that
>> mystery is solved.
>
> I think Josip Rodin is maintaining the deb packages. If somehow the old  
> config files are overriding the new config files in the deb packages  
> then you and Josip might want to work out what the problem is, sounds  
> like a packaging bug. I've cc'ed Josip on this email, I know he reads  
> this list but might not be paying attention to this thread.

Thanks. The real problem here is that FreeRADIUS includes *all* files in the
modules/ directory, whereas excess files are really legitimate - *.dpkg-*
conffile resolution backups, editor lock files and backup files, etc.

This will be fixed either with code changes to reduce the filename pattern
matched (e.g. *.conf) or by moving to modules-{available,enabled}/, like
Apache does it.

Until then, users need to be extra careful to keep modules/ clean.
This applies everywhere (not just on Debian).

-- 
     2. That which causes joy or happiness.



More information about the Freeradius-Users mailing list