Upgrading from FR 2.1.10 to 2.2.x

[John Dennis]

On 02/13/2013 04:03 AM, Jamie Lee wrote:
> Hello,
>
> I’ve just completed the configuration of a 2.1.10 free radius server on
> CentOS 6.2 and want to upgrade to FR 2.2.x to remove the vulnerability.
> Does anyone have a guide or any advice on what I need to do and back up
> in order to ensure that I don’t lose any of my site specific settings. I
> have configured it to work with AD using NTLM_Auth and Samba.

Red Hat has shipped the 2.1.12-4 RPM with the CVE fix applied, not sure 
if CentOS has kept up. We have not shipped 2.2 for RHEL 6. You'll either 
have to build an RPM (see http://wiki.freeradius.org/guide/Red-Hat-FAQ 
for how to do that) or build from the tarball.

All the configuration is under /etc/raddb, make sure that's backed up. 
As a general rule it's good practice to put your configuration files 
under source code control anyway.

If you use an RPM to update configuration files you've modified will be 
moved to .rpmsave, look for those after the install completes and adjust 
accordingly. If memory serves me correctly 2.2.x has logic in it to that 
ignores .rpmnew,, .rpmsave, .bak, ~, apt files, etc. so their presence 
won't cause problems like they used to. Running rpm freeradius -qV 
before installing will verify the installed files and tell you any 
you've modified. If you install via "make install" nothing will be 
preserved.

Any other data stored in your backends (e.g. SQL, LDAP) shouldn't be 
affected and you're on your own to back that up anyway.

HTH,

John

-- 
John Dennis <jdennis at redhat.com>

Looking to carve out IT costs?
www.redhat.com/carveoutcosts/