cleaning house on radius server?

[Alexander Clouter]

Christ Schlacta <lists at aarcane.org> wrote:
>
> I've got a radius server up and running, and I want to clean up my 
> configuration as much as possible.  is it a safe assumption that if I 
> remove a file (actually move it out of the way) and attempt to 
> authenticate a client that if the client can successfully authenticate 
> that everything is working?  is it also safe to assume that any file 
> with no uncommented lines is also safe to remove?  I'm most 
> interrested in removing the SQL directories and all the unused modules 
> in the modules directory.
>
That's a terrible idea.  Think about what you are trying to accomplish.

I would recommend you either put your configuration in some revision 
control system or alternatively accept that Mr DeKok knows what he is 
doing and thus not straying far from the 'Path of Light' is a Good 
Idea(tm).

If you take up the latter you should:
 * install from fresh a copy of FreeRADIUS (even if it is from
	$DISTRO[favourite])
 * assuming Debian, 'cp -a /etc/freeradius /etc/freeradius.orig'
 * apply your needed changes to /etc/freeradius
 * try to make the output of 'diff -u -r -N freeradius.org freeradius' 
	as small as possible whilst suiting your needs (learn to use 
	templates and policy.conf extensively)

This means that when you come to upgrading your FreeRADIUS installation, 
you are applying a diff/patch file rather than trying to work everything 
out from scratch.  You can also trivially see what you have been 
changing.

Cheers

-- 
Alexander Clouter
.sigmonster says: does your DRESSING ROOM have enough ASPARAGUS?