Problem with migrating from macOS Server to FreeRADIUS 3.0.17

Stephan Jung raumerkunder at gmail.com
Mon Feb 11 18:46:45 CET 2019



> On 10 Feb, 2019, at 11:34 PM, Nathan Ward <lists+freeradius at daork.net> wrote:
> 
>> 
>> On 11/02/2019, at 10:04 AM, Stephan Jung <raumerkunder at gmail.com <mailto:raumerkunder at gmail.com>> wrote:
>> 
>> Thank you. I had some trouble compiling. Probably because my brew installed openssl at 1.1.
>> 
>> export LDFLAGS="-L/usr/local/opt/openssl at 1.1/lib"
>> export CPPFLAGS="-I/usr/local/opt/openssl at 1.1/include"
>> 
>> had not been exported. I added them to my .bash_profile and sourced it. Is that correct?
> 
> If that works for you then that should be fine. You can also do:
> --with-openssl-includes=<whatever> --with-openssl-libraries=<whatever>
> 
> This is what homebrew itself does.

I see

>> After some attempts it finally compiled. I copied the files to my brew installation and now:
>> 
>> $ sudo /usr/local/Cellar/freeradius-server/3.0.17/bin/radiusd -XC
>> 
>> passes.
>> 
>> The only thing that is mentioned is "Ignoring "ldap" (see raddb/mods-available/README.rst)":
>> 
>> server default { # from file /usr/local/Cellar/freeradius-server/3.0.17/etc/raddb/sites-enabled/default
>> # Loading authenticate {...}
>> # Loading authorize {...}
>> Ignoring "ldap" (see raddb/mods-available/README.rst)
>> # Loading preacct {...}
>> # Loading accounting {...}
>> # Loading post-proxy {...}
>> # Loading post-auth {...}
>> } # server default
>> 
>> Is that a problem? Can I do something?
> 
> When you read that README.rst file, what did you find? You should read that file before asking the list to explain to you what that file says. If there is something in that file that isn’t clear, then you should ask.

Had read it, but was not sure if I had to configure ldap in RADIUS for my particular system, that is why I asked, but probably too system dependent a question to ask. The point is that I am not configuring a system, but troubleshooting an existing system with no idea if the problem is in Cert, OD or RADIUS. Might have to ask in a separate thread.

>> RADIUS in macOS is really a niche, since Apple is iPhone it is increasingly difficult to get serious feedback on advanced topics … so thanks a lot for your reply! I probably posted in too many places, but since I will leave trace of how I solved it, I am fine with that.
> 
> Out of interest, does your new way to compile it get you rlm_opendirectory.dylib? The difference is “--enable-developer=yes”. You could, if you wanted, achieve the same by editing the home-brew recipe (brew edit freeradius-server) and adding that option (or --with-experimental-modules). I would suggest you do that, rather than overwrite whatever homebrew’s install etc. - instead, make homebrew work for you.

Thanks so much, that helped! By adding:

--enable-developer=yes
--with-experimental-modules

.a and .dylib of the opendirectory library are created:

rlm_opendirectory.a
rlm_opendirectory.dylib

But no:

rlm_opendirectory.la

I will try to add both options to the brew recipe on github so that the next one doesn’t have this problem.

Thanks again,

Stephan

> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html <http://www.freeradius.org/list/users.html>


More information about the Freeradius-Users mailing list