cleaning house on radius server?

Alexander Clouter alex at
Mon Jan 17 22:56:07 CET 2011

Christ Schlacta <lists at> wrote:
> I've got a radius server up and running, and I want to clean up my 
> configuration as much as possible.  is it a safe assumption that if I 
> remove a file (actually move it out of the way) and attempt to 
> authenticate a client that if the client can successfully authenticate 
> that everything is working?  is it also safe to assume that any file 
> with no uncommented lines is also safe to remove?  I'm most 
> interrested in removing the SQL directories and all the unused modules 
> in the modules directory.
That's a terrible idea.  Think about what you are trying to accomplish.

I would recommend you either put your configuration in some revision 
control system or alternatively accept that Mr DeKok knows what he is 
doing and thus not straying far from the 'Path of Light' is a Good 

If you take up the latter you should:
 * install from fresh a copy of FreeRADIUS (even if it is from
 * assuming Debian, 'cp -a /etc/freeradius /etc/freeradius.orig'
 * apply your needed changes to /etc/freeradius
 * try to make the output of 'diff -u -r -N freeradius' 
	as small as possible whilst suiting your needs (learn to use 
	templates and policy.conf extensively)

This means that when you come to upgrading your FreeRADIUS installation, 
you are applying a diff/patch file rather than trying to work everything 
out from scratch.  You can also trivially see what you have been 


Alexander Clouter
.sigmonster says: does your DRESSING ROOM have enough ASPARAGUS?

More information about the Freeradius-Users mailing list