cleaning house on radius server?
Alexander Clouter
alex at digriz.org.uk
Mon Jan 17 22:56:07 CET 2011
Christ Schlacta <lists at aarcane.org> wrote:
>
> I've got a radius server up and running, and I want to clean up my
> configuration as much as possible. is it a safe assumption that if I
> remove a file (actually move it out of the way) and attempt to
> authenticate a client that if the client can successfully authenticate
> that everything is working? is it also safe to assume that any file
> with no uncommented lines is also safe to remove? I'm most
> interrested in removing the SQL directories and all the unused modules
> in the modules directory.
>
That's a terrible idea. Think about what you are trying to accomplish.
I would recommend you either put your configuration in some revision
control system or alternatively accept that Mr DeKok knows what he is
doing and thus not straying far from the 'Path of Light' is a Good
Idea(tm).
If you take up the latter you should:
* install from fresh a copy of FreeRADIUS (even if it is from
$DISTRO[favourite])
* assuming Debian, 'cp -a /etc/freeradius /etc/freeradius.orig'
* apply your needed changes to /etc/freeradius
* try to make the output of 'diff -u -r -N freeradius.org freeradius'
as small as possible whilst suiting your needs (learn to use
templates and policy.conf extensively)
This means that when you come to upgrading your FreeRADIUS installation,
you are applying a diff/patch file rather than trying to work everything
out from scratch. You can also trivially see what you have been
changing.
Cheers
--
Alexander Clouter
.sigmonster says: does your DRESSING ROOM have enough ASPARAGUS?
More information about the Freeradius-Users
mailing list