pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/net/freeradius
Module Name: pkgsrc
Committed By: jperkin
Date: Thu Apr 16 15:49:30 UTC 2020
Modified Files:
pkgsrc/net/freeradius: Makefile distinfo
pkgsrc/net/freeradius/files/smf: manifest.xml
Added Files:
pkgsrc/net/freeradius/files/smf: radiusd.sh
pkgsrc/net/freeradius/patches: patch-raddb_radiusd.conf.in
Log Message:
freeradius: Fix SMF initialisation.
Ensures the user/group are correctly substituted into the config file so that
the daemon can run as root then drop privileges appropriately, as well as
creating the rundir as necessary.
Submitted by Jorge Schrauwen in NetBSD/pkgsrc#58. Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.106 -r1.107 pkgsrc/net/freeradius/Makefile
cvs rdiff -u -r1.40 -r1.41 pkgsrc/net/freeradius/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/freeradius/files/smf/manifest.xml
cvs rdiff -u -r0 -r1.1 pkgsrc/net/freeradius/files/smf/radiusd.sh
cvs rdiff -u -r0 -r1.1 \
pkgsrc/net/freeradius/patches/patch-raddb_radiusd.conf.in
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/net/freeradius/Makefile
diff -u pkgsrc/net/freeradius/Makefile:1.106 pkgsrc/net/freeradius/Makefile:1.107
--- pkgsrc/net/freeradius/Makefile:1.106 Wed Apr 8 09:42:05 2020
+++ pkgsrc/net/freeradius/Makefile Thu Apr 16 15:49:30 2020
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.106 2020/04/08 09:42:05 adam Exp $
+# $NetBSD: Makefile,v 1.107 2020/04/16 15:49:30 jperkin Exp $
.include "Makefile.common"
PKGNAME= ${DISTNAME:S/-server//}
+PKGREVISION= 1
COMMENT= Free RADIUS server implementation
BUILD_DEFS+= VARBASE
@@ -29,6 +30,7 @@ CONFIGURE_ARGS+= --without-rlm_sql_postg
CONFIGURE_ARGS+= --without-rlm_sql_unixodbc
RCD_SCRIPTS= radiusd
+SMF_METHODS= radiusd
RADIUS_GROUP?= radiusd
RADIUS_USER?= radiusd
PKG_GROUPS= ${RADIUS_GROUP}
@@ -42,6 +44,12 @@ OWN_DIRS_PERMS+= ${VARBASE}/run/radiusd
PKG_SYSCONFSUBDIR= raddb
+SUBST_CLASSES+= secconf
+SUBST_STAGE.secconf= post-configure
+SUBST_MESSAGE.secconf= Substituting user and group in radiusd.conf
+SUBST_FILES.secconf= raddb/radiusd.conf
+SUBST_VARS.secconf= RADIUS_USER RADIUS_GROUP
+
FILES_SUBST+= RADIUS_USER=${RADIUS_USER} RADIUS_GROUP=${RADIUS_GROUP}
MESSAGE_SUBST+= BOOTSTRAP=${PKG_SYSCONFDIR}/certs/bootstrap
@@ -175,19 +183,19 @@ EGFILES= certs/ca.cnf certs/client.cnf
users templates.conf trigger.conf
EGDIRS= certs mods-available mods-config mods-config/attr_filter mods-config/files \
- mods-config/perl mods-config/preprocess mods-config/sql mods-config/sql/counter \
- mods-config/sql/counter/mysql mods-config/sql/counter/postgresql \
- mods-config/sql/counter/sqlite mods-config/sql/cui mods-config/sql/cui/mysql \
- mods-config/sql/cui/postgresql mods-config/sql/cui/sqlite mods-config/sql/ippool \
- mods-config/sql/ippool-dhcp mods-config/sql/ippool-dhcp/mysql \
- mods-config/sql/ippool-dhcp/oracle mods-config/sql/ippool-dhcp/sqlite \
- mods-config/sql/ippool/mysql mods-config/sql/ippool/oracle \
- mods-config/sql/ippool/postgresql mods-config/sql/ippool/sqlite \
- mods-config/sql/main mods-config/sql/main/mssql mods-config/sql/main/mysql \
- mods-config/sql/main/mysql/extras mods-config/sql/main/mysql/extras/wimax \
- mods-config/sql/main/ndb mods-config/sql/main/oracle \
- mods-config/sql/main/postgresql mods-config/sql/main/postgresql/extras \
- mods-config/sql/main/sqlite mods-config/unbound mods-enabled \
+ mods-config/perl mods-config/preprocess mods-config/sql mods-config/sql/counter \
+ mods-config/sql/counter/mysql mods-config/sql/counter/postgresql \
+ mods-config/sql/counter/sqlite mods-config/sql/cui mods-config/sql/cui/mysql \
+ mods-config/sql/cui/postgresql mods-config/sql/cui/sqlite mods-config/sql/ippool \
+ mods-config/sql/ippool-dhcp mods-config/sql/ippool-dhcp/mysql \
+ mods-config/sql/ippool-dhcp/oracle mods-config/sql/ippool-dhcp/sqlite \
+ mods-config/sql/ippool/mysql mods-config/sql/ippool/oracle \
+ mods-config/sql/ippool/postgresql mods-config/sql/ippool/sqlite \
+ mods-config/sql/main mods-config/sql/main/mssql mods-config/sql/main/mysql \
+ mods-config/sql/main/mysql/extras mods-config/sql/main/mysql/extras/wimax \
+ mods-config/sql/main/ndb mods-config/sql/main/oracle \
+ mods-config/sql/main/postgresql mods-config/sql/main/postgresql/extras \
+ mods-config/sql/main/sqlite mods-config/unbound mods-enabled \
policy.d sites-available sites-enabled
REPLACE_PERL+= scripts/sql/radsqlrelay \
Index: pkgsrc/net/freeradius/distinfo
diff -u pkgsrc/net/freeradius/distinfo:1.40 pkgsrc/net/freeradius/distinfo:1.41
--- pkgsrc/net/freeradius/distinfo:1.40 Wed Apr 8 09:42:05 2020
+++ pkgsrc/net/freeradius/distinfo Thu Apr 16 15:49:30 2020
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.40 2020/04/08 09:42:05 adam Exp $
+$NetBSD: distinfo,v 1.41 2020/04/16 15:49:30 jperkin Exp $
SHA1 (freeradius-server-3.0.21.tar.bz2) = 3d90d63bf1452794cf9d0b04147745a254872c3f
RMD160 (freeradius-server-3.0.21.tar.bz2) = 04a038b701f19d9c598e826a795a0cdaacd3768b
@@ -8,4 +8,5 @@ SHA1 (patch-ai) = e32ffd24b93e2cef2e72ef
SHA1 (patch-configure.ac) = ffec1f851d23f560797c12eba5092f2940e4d662
SHA1 (patch-main_command.c) = 1c79b29eb13df341906c710c8dd41860a27473dd
SHA1 (patch-main_util.c) = e8814255c32c8469e81d62f2c7092e8d42744e85
+SHA1 (patch-raddb_radiusd.conf.in) = 353cbed35013777bf055a77cc610b50a637ae7b7
SHA1 (patch-src_lib_udpfromto.c) = 2457f0a7223b1f3ef86d0af020290b26380e6319
Index: pkgsrc/net/freeradius/files/smf/manifest.xml
diff -u pkgsrc/net/freeradius/files/smf/manifest.xml:1.1 pkgsrc/net/freeradius/files/smf/manifest.xml:1.2
--- pkgsrc/net/freeradius/files/smf/manifest.xml:1.1 Sat Aug 26 10:07:28 2017
+++ pkgsrc/net/freeradius/files/smf/manifest.xml Thu Apr 16 15:49:30 2020
@@ -19,10 +19,8 @@
<dependency name='system-log' grouping='optional_all' restart_on='none' type='service'>
<service_fmri value='svc:/system/system-log' />
</dependency>
- <method_context>
- <method_credential user='@RADIUS_USER@' group='@RADIUS_GROUP@' />
- </method_context>
- <exec_method name='start' type='method' exec='@PREFIX@/sbin/radiusd' timeout_seconds='60' />
+ <method_context></method_context>
+ <exec_method name='start' type='method' exec='@PREFIX@/@SMF_METHOD_FILE.radiusd@' timeout_seconds='60' />
<exec_method name='stop' type='method' exec=':kill' timeout_seconds='60' />
<property_group name='startd' type='framework'>
<propval name='ignore_error' type='astring' value='core,signal' />
Added files:
Index: pkgsrc/net/freeradius/files/smf/radiusd.sh
diff -u /dev/null pkgsrc/net/freeradius/files/smf/radiusd.sh:1.1
--- /dev/null Thu Apr 16 15:49:30 2020
+++ pkgsrc/net/freeradius/files/smf/radiusd.sh Thu Apr 16 15:49:30 2020
@@ -0,0 +1,14 @@
+#!@SMF_METHOD_SHELL@
+#
+# $NetBSD: radiusd.sh,v 1.1 2020/04/16 15:49:30 jperkin Exp $
+#
+
+. /lib/svc/share/smf_include.sh
+
+if [ ! -d @VARBASE@/run/radiusd ]; then
+ @MKDIR@ @VARBASE@/run/radiusd
+ @CHMOD@ 0750 @VARBASE@/run/radiusd
+ @CHOWN@ @RADIUS_USER@:@RADIUS_GROUP@ @VARBASE@/run/radiusd
+fi
+
+@PREFIX@/sbin/radiusd "$@"
Index: pkgsrc/net/freeradius/patches/patch-raddb_radiusd.conf.in
diff -u /dev/null pkgsrc/net/freeradius/patches/patch-raddb_radiusd.conf.in:1.1
--- /dev/null Thu Apr 16 15:49:30 2020
+++ pkgsrc/net/freeradius/patches/patch-raddb_radiusd.conf.in Thu Apr 16 15:49:30 2020
@@ -0,0 +1,17 @@
+$NetBSD: patch-raddb_radiusd.conf.in,v 1.1 2020/04/16 15:49:30 jperkin Exp $
+
+Update example radiusd.conf to include the correct user/group
+
+--- raddb/radiusd.conf.in.orig 2020-04-15 11:59:38.209113301 +0000
++++ raddb/radiusd.conf.in 2020-04-15 12:00:19.973538936 +0000
+@@ -501,8 +501,8 @@
+ # member. This can allow for some finer-grained access
+ # controls.
+ #
+-# user = radius
+-# group = radius
++ user = @RADIUS_USER@
++ group = @RADIUS_GROUP@
+
+ # Core dumps are a bad thing. This should only be set to
+ # 'yes' if you're debugging a problem with the server.
Home |
Main Index |
Thread Index |
Old Index