freeradius: New package.

diff --git a/pkgs/core/freeradius/freeradius.init b/pkgs/core/freeradius/freeradius.init
new file mode 100644 (file)
index 0000000..a89f62c
--- /dev/null
+++ b/pkgs/core/freeradius/freeradius.init
@@ -0,0 +1,12 @@
+description            "Starts the free RADIUS server"
+author                 "IPFire Team"
+
+start on started network
+stop on starting shutdown
+
+exec /usr/sbin/radiusd -f
+respawn
+
+post-stop script
+       rm -vf /var/run/radiusd/radiusd.sock
+end script

diff --git a/pkgs/core/freeradius/freeradius.nm b/pkgs/core/freeradius/freeradius.nm
new file mode 100644 (file)
index 0000000..8e94125
--- /dev/null
+++ b/pkgs/core/freeradius/freeradius.nm
@@ -0,0 +1,85 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2007, 2008 Michael Tremer & Christian Schmidt                 #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include $(PKGROOT)/Include
+
+PKG_NAME       = freeradius-server
+PKG_VER        = 2.1.6
+PKG_REL        = 0
+
+PKG_MAINTAINER = 
+PKG_GROUP      = System/Daemons
+PKG_URL        = http://www.freeradius.org
+PKG_LICENSE    = GPLv2+ and LGPLv2+
+PKG_SUMMARY    = High-performance and highly configurable free RADIUS server.
+
+PKG_BUILD_DEPS+= libtool
+PKG_DEPS      += gdbm libpcap openssl perl
+
+define PKG_DESCRIPTION
+       The FreeRADIUS Server Project is a high performance and highly \
+       configurable GPL'd free RADIUS server. \
+       FreeRADIUS is an Internet authentication daemon, which implements \
+       the RADIUS protocol, as defined in RFC 2865. It allows \
+       Network Access Servers to perform authentication for dial-up users.
+endef
+
+PKG_TARBALL    = $(THISAPP).tar.bz2
+
+define QUALITY_AGENT_WHITELIST_RPATH
+       /usr/bin/*
+       /usr/sbin/*
+       /usr/lib/freeradius/*
+endef
+
+define STAGE_BUILD
+       cd $(DIR_APP) && \
+               ./configure \
+                       $(CONFIGURE_ARCH) \
+                       --prefix=/usr \
+                       --sysconfdir=/etc \
+                       --libdir=/usr/lib/freeradius \
+                       --localstatedir=/var \
+                       --with-system-libtool \
+                       --with-threads \
+                       --with-thread-pool \
+                       --disable-ltdl-install \
+                       --with-gnu-ld \
+                       --without-rlm_eap_ikev2 \
+                       --without-rlm_sql_iodbc \
+                       --without-rlm_sql_firebird \
+                       --without-rlm_sql_db2 \
+                       --without-rlm_sql_oracle
+
+       cd $(DIR_APP) && make LIBTOOL="libtool --tag=CC" #$(PARALLELISMFLAGS)
+endef
+
+define STAGE_INSTALL
+       cd $(DIR_APP) && R=$(BUILDROOT) make install
+endef
+
+define STAGE_INSTALL_CMDS
+       -mkdir -pv $(BUILDROOT)/etc/logrotate.d/
+       cp -vf $(DIR_SOURCE)/logrotate/freeradius $(BUILDROOT)/etc/logrotate.d/ 
+endef

diff --git a/pkgs/core/freeradius/freeradius.pam b/pkgs/core/freeradius/freeradius.pam
new file mode 100644 (file)
index 0000000..fff3238
--- /dev/null
+++ b/pkgs/core/freeradius/freeradius.pam
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth       include     system-auth
+account    required    pam_nologin.so
+account    include     system-auth
+password   include     system-auth
+session    include     system-auth

diff --git a/pkgs/core/freeradius/logrotate/freeradius b/pkgs/core/freeradius/logrotate/freeradius
new file mode 100644 (file)
index 0000000..8c5c6fb
--- /dev/null
+++ b/pkgs/core/freeradius/logrotate/freeradius
@@ -0,0 +1,56 @@
+# You can use this to rotate the /var/log/radius/* files, simply copy
+# it to /etc/logrotate.d/radiusd
+
+# There are different detail-rotating strategies you can use.  One is
+# to write to a single detail file per IP and use the rotate config
+# below.  Another is to write to a daily detail file per IP with:
+#     detailfile = ${radacctdir}/%{Client-IP-Address}/%Y%m%d-detail
+# (or similar) in radiusd.conf, without rotation.  If you go with the
+# second technique, you will need another cron job that removes old
+# detail files.  You do not need to comment out the below for method #2.
+/var/log/radius/radacct/*/detail {
+       monthly
+       rotate 4
+       nocreate
+       missingok
+       compress
+}
+
+/var/log/radius/checkrad.log {
+       monthly
+       rotate 4
+       create
+       missingok
+       compress
+}
+
+/var/log/radius/radius.log {
+       monthly
+       rotate 4
+       create
+       missingok
+       compress
+}
+
+/var/log/radius/radutmp {
+       monthly
+       rotate 4
+       create
+       compress
+       missingok
+}
+
+/var/log/radius/radwtmp {
+       monthly
+       rotate 4
+       create
+       compress
+       missingok
+}
+/var/log/radius/sqltrace.sql {
+        monthly
+        rotate 4
+        create
+        compress
+        missingok
+}

diff --git a/pkgs/core/freeradius/patches/freeradius-2.1.6-cert-config.patch b/pkgs/core/freeradius/patches/freeradius-2.1.6-cert-config.patch
new file mode 100644 (file)
index 0000000..8390beb
--- /dev/null
+++ b/pkgs/core/freeradius/patches/freeradius-2.1.6-cert-config.patch
@@ -0,0 +1,68 @@
+diff -r -u freeradius-server-2.1.8.orig/raddb/certs/ca.cnf freeradius-server-2.1.8/raddb/certs/ca.cnf
+--- freeradius-server-2.1.8.orig/raddb/certs/ca.cnf    2009-12-30 10:44:35.000000000 -0500
++++ freeradius-server-2.1.8/raddb/certs/ca.cnf 2010-01-08 12:35:23.000000000 -0500
+@@ -14,9 +14,9 @@
+ RANDFILE              = $dir/.rand
+ name_opt              = ca_default
+ cert_opt              = ca_default
+-default_days          = 365
++default_days          = 60
+ default_crl_days      = 30
+-default_md            = md5
++default_md            = sha1
+ preserve              = no
+ policy                        = policy_match
+ 
+Only in freeradius-server-2.1.8/raddb/certs: ca.cnf~
+diff -r -u freeradius-server-2.1.8.orig/raddb/certs/client.cnf freeradius-server-2.1.8/raddb/certs/client.cnf
+--- freeradius-server-2.1.8.orig/raddb/certs/client.cnf        2009-12-30 10:44:35.000000000 -0500
++++ freeradius-server-2.1.8/raddb/certs/client.cnf     2010-01-08 12:35:37.000000000 -0500
+@@ -14,9 +14,9 @@
+ RANDFILE              = $dir/.rand
+ name_opt              = ca_default
+ cert_opt              = ca_default
+-default_days          = 365
++default_days          = 60
+ default_crl_days      = 30
+-default_md            = md5
++default_md            = sha1
+ preserve              = no
+ policy                        = policy_match
+ 
+Only in freeradius-server-2.1.8/raddb/certs: client.cnf~
+diff -r -u freeradius-server-2.1.8.orig/raddb/certs/server.cnf freeradius-server-2.1.8/raddb/certs/server.cnf
+--- freeradius-server-2.1.8.orig/raddb/certs/server.cnf        2009-12-30 10:44:35.000000000 -0500
++++ freeradius-server-2.1.8/raddb/certs/server.cnf     2010-01-08 12:35:05.000000000 -0500
+@@ -14,9 +14,9 @@
+ RANDFILE              = $dir/.rand
+ name_opt              = ca_default
+ cert_opt              = ca_default
+-default_days          = 365
++default_days          = 60
+ default_crl_days      = 30
+-default_md            = md5
++default_md            = sha1
+ preserve              = no
+ policy                        = policy_match
+ 
+Only in freeradius-server-2.1.8/raddb/certs: server.cnf~
+diff -r -u freeradius-server-2.1.8.orig/raddb/eap.conf freeradius-server-2.1.8/raddb/eap.conf
+--- freeradius-server-2.1.8.orig/raddb/eap.conf        2009-12-30 10:44:35.000000000 -0500
++++ freeradius-server-2.1.8/raddb/eap.conf     2010-01-08 12:36:04.000000000 -0500
+@@ -251,15 +251,6 @@
+                       cipher_list = "DEFAULT"
+ 
+                       #
+-
+-                      #  This configuration entry should be deleted
+-                      #  once the server is running in a normal
+-                      #  configuration.  It is here ONLY to make
+-                      #  initial deployments easier.
+-                      #
+-                      make_cert_command = "${certdir}/bootstrap"
+-
+-                      #
+                       #  Session resumption / fast reauthentication
+                       #  cache.
+                       #
+Only in freeradius-server-2.1.8/raddb: eap.conf~