From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Tue, 1 Nov 2011 21:00:18 +0000 (+0100)
Subject: freeradius: Rework package.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=98fe558a9890d5a070b2f0540f0724faeef91baa;p=ipfire-3.x.git

freeradius: Rework package.

* Run daemon as user/group radiusd
* Add logfiles
* Remove a lot of unneeded stuff, like unsopported conf file
  or development headers.
* Create tmpfiles folder.

Reference #281
Fixes #280
---

diff --git a/freeradius/freeradius.nm b/freeradius/freeradius.nm
index a56d7804b..ba3c5f180 100644
--- a/freeradius/freeradius.nm
+++ b/freeradius/freeradius.nm
@@ -5,7 +5,7 @@
 
 name       = freeradius-server
 version    = 2.1.12
-release    = 1
+release    = 2
 
 groups     = System/Daemons
 url        = http://www.freeradius.org
@@ -30,6 +30,7 @@ build
 		libtool-devel
 		openssl-devel
 		perl
+		shadow-utils
 	end
 
 	PARALLELISMFLAGS = # Disabled
@@ -50,16 +51,47 @@ build
 		--without-rlm_sql_db2 \
 		--without-rlm_sql_oracle
 
+	prepare_cmds
+		%{create_user}
+	end
+
 	make_build_targets = LINK_MODE=-pie
 
 	install
 		make install R=%{BUILDROOT}
 
-		mkdir -pv %{BUILDROOT}/etc/logrotate.d/
-		cp -vf %{DIR_SOURCE}/logrotate/freeradius %{BUILDROOT}/etc/logrotate.d/
+		# Change freeradius user and group.
+		perl -i -pe 's/^#user =.*$/user = radiusd/' %{BUILDROOT}/etc/raddb/radiusd.conf
+		perl -i -pe 's/^#group =.*$/group = radiusd/' %{BUILDROOT}/etc/raddb/radiusd.conf
+
+		# Create emty logfiles.
+		mkdir -pv %{BUILDROOT}/var/log/radius/radacct
+		touch %{BUILDROOT}/var/log/radius/{radutmp,radius.log}
+		chown -Rv radiusd.radiusd %{BUILDROOT}/var/log/radius/
+
+		# Create tmpfiles folder.
+		mkdir -pv %{BUILDROOT}/run/radiusd
+		chown -Rv radiusd.radiusd %{BUILDROOT}/run/radiusd/
+
+		# Remove unneeded stuff.
+		rm -vf %{BUILDROOT}/usr/sbin/rc.radiusd
+		rm -rvf %{BUILDROOT}/etc/raddb/sql/
+		rm -rvf %{BUILDROOT}/var/run/
+
+		# Remove header files, we don't ship a devel package.
+		rm -rvf %{BUILDROOT}/usr/include/
+
+		# remove unsupported config file.
+		rm -vf %{BUILDROOT}/etc/raddb/experimental.conf
 	end
 end
 
+create_user
+	getent group radiusd >/dev/null || /usr/sbin/groupadd -r radiusd
+	getent passwd radiusd >/dev/null || /usr/sbin/useradd -r -g radiusd \
+		-d /var/lib/radiusd -s /sbin/nologin radiusd
+end
+
 quality-agent
 	whitelist_rpath
 		/usr/lib/freeradius
diff --git a/freeradius/freeradius.tmpfiles b/freeradius/freeradius.tmpfiles
index f06f7f3d3..40b0b891c 100644
--- a/freeradius/freeradius.tmpfiles
+++ b/freeradius/freeradius.tmpfiles
@@ -1,2 +1,2 @@
-d /var/run/radiusd 0750 root root -
+d /run/radiusd 0750 root root -