From: Alan T. DeKok Date: Tue, 7 Feb 2012 09:30:48 +0000 (+0100) Subject: Move README to README.rst and fixes RST formatting X-Git-Tag: release_3_0_0_beta0~332 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=05e12dfdc568022ce5e873c25c6e635dd1fe1cb6;p=thirdparty%2Ffreeradius-server.git Move README to README.rst and fixes RST formatting --- diff --git a/raddb/README b/raddb/README deleted file mode 100644 index b13033badfc..00000000000 --- a/raddb/README +++ /dev/null @@ -1,98 +0,0 @@ -Upgrading to Version 3.0 -======================== - -The configuration for 3.0 is *largely* compatible with the 2.x -configuration. However, it is NOT possible to simply use the 2.x -configuration as-is. Instead, you should re-create it. - -Security --------- - -A number of configuration items have moved into the "security" -subsection of radiusd.conf. If you use these, you should move them. -Otherwise, they can be ignored. - -The list of moved options is: - - chroot - user - group - allow_core_dumps - reject_delay - status_server - - -Modules Directory ------------------ - - As of version 3.0, the "modules" directory no longer exists. - - Instead, all "example" modules have been put into the -"mods-available" directory. Modules which can be loaded by the server -are placed in the "mods-enabled" directory. - - Modules can be enabled by creating a soft link. For module "foo", do: - - $ cd raddb - $ ln -s mods-available/foo mods-enabled/foo - - To create "local" versions of the modules, we suggest copying the -file instead. This leaves the original file (with documentation) in -the "mods-available" directory. Local changes should go into the -"mods-enabled" directory. - - -SQL ---- - - The SQL configuration has been moved from sql.conf to mods-available/sql. -The sqlippool.conf file has also been moved. - - The SQL module configuration has been changed. The old connection -pool options are no longer understood: - - num_sql_socks - connect_failure_retry_delay - lifetime - max_queries - - Instead, a connection pool configuration is used. This -configuration contains all of the functionality of the previous -configuration, but in a more generic form. It also is used in -multiple modules, meaning that there are fewer different configuration -items. The mapping between the configuration items is: - - num_sql_socks -> pool { max } - connect_failure_retry_delay -> NOT SUPPORTED - lifetime -> pool { lifetime } - max_queries -> pool { uses } - - The pool configuration adds a number of new configuration options, -which allow the administrator to better control how FreeRADIUS uses -SQL connection pools. - - -EAP ---- - - The EAP configuration has been moved from eap.conf to mods-available/eap. - - It is otherwise unchanged. You chould be able to copy your old -eap.conf file directly to mods-enabled/eap. - - -RadSec ------- - - RadSec (or RADIUS over TLS) is now supported. RADIUS over bare TCP -is also supported, but is recommended only for secure networks. - - See sites-available/tls for complete details on using TLS. The -server can both receive incoming TLS connections, and also originate -outgoing TLS connections. - - The TLS configuration is taken from the old EAP-TLS configuration. -It is largely identical to the old EAP-TLS configuration, so it should -be simple to use and configure. It re-uses much of the EAP-TLS code, -too. - diff --git a/raddb/README.rst b/raddb/README.rst new file mode 100644 index 00000000000..8c9c2e7b8a0 --- /dev/null +++ b/raddb/README.rst @@ -0,0 +1,107 @@ +Upgrading to Version 3.0 +======================== + +The configuration for 3.0 is *largely* compatible with the 2.x +configuration. However, it is NOT possible to simply use the 2.x +configuration as-is. Instead, you should re-create it. + +Security +-------- + +A number of configuration items have moved into the "security" +subsection of radiusd.conf. If you use these, you should move them. +Otherwise, they can be ignored. + +The list of moved options is:: + + chroot + user + group + allow_core_dumps + reject_delay + status_server + + +Modules Directory +----------------- + +As of version 3.0, the ``modules/`` directory no longer exists. + +Instead, all "example" modules have been put into the +``mods-available/`` directory. Modules which can be loaded by the server +are placed in the ``mods-enabled/`` directory. + +Modules can be enabled by creating a soft link. For module ``foo``, do:: + + $ cd raddb + $ ln -s mods-available/foo mods-enabled/foo + +To create "local" versions of the modules, we suggest copying the file +instead. This leaves the original file (with documentation) in the +``mods-available/`` directory. Local changes should go into the +``mods-enabled/`` directory. + + +SQL +--- + +The SQL configuration has been moved from ``sql.conf`` to +``mods-available/sql``. The ``sqlippool.conf`` file has also been +moved to ``mods-available/sqlippool``. + +The SQL module configuration has been changed. The old connection +pool options are no longer understood:: + + num_sql_socks + connect_failure_retry_delay + lifetime + max_queries + +Instead, a connection pool configuration is used. This configuration +contains all of the functionality of the previous configuration, but +in a more generic form. It also is used in multiple modules, meaning +that there are fewer different configuration items. The mapping +between the configuration items is:: + + num_sql_socks -> pool { max } + connect_failure_retry_delay -> NOT SUPPORTED + lifetime -> pool { lifetime } + max_queries -> pool { uses } + +The pool configuration adds a number of new configuration options, +which allow the administrator to better control how FreeRADIUS uses +SQL connection pools. + + +EAP +--- + +The EAP configuration has been moved from ``eap.conf`` to ``mods-available/eap``. + +It is otherwise unchanged. You chould be able to copy your old +``eap.conf`` file directly to ``mods-enabled/eap``. + + +RadSec +------ + +RadSec (or RADIUS over TLS) is now supported. RADIUS over bare TCP +is also supported, but is recommended only for secure networks. + +See ``sites-available/tls`` for complete details on using TLS. The server +can both receive incoming TLS connections, and also originate outgoing +TLS connections. + +The TLS configuration is taken from the old EAP-TLS configuration. It +is largely identical to the old EAP-TLS configuration, so it should be +simple to use and configure. It re-uses much of the EAP-TLS code, +too. + +Once RadSec is enabled, normal debugging mode will not work. This is +because the TLS code requires threading to work properly. Instead of doing:: + + $ radiusd -X + +you will need to do:: + + $ radiusd -fxx -l stdout