From: Arran Cudbard-Bell Date: Mon, 13 Sep 2021 19:16:15 +0000 (-0500) Subject: Create a state directory for net-snmp X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d0c2803cbc26108d5d92919ac7a324beb59e734a;p=thirdparty%2Ffreeradius-server.git Create a state directory for net-snmp --- diff --git a/debian/freeradius-snmp.dirs b/debian/freeradius-snmp.dirs new file mode 100644 index 00000000000..10f07adf136 --- /dev/null +++ b/debian/freeradius-snmp.dirs @@ -0,0 +1 @@ +var/lib/freeradius/snmp diff --git a/debian/freeradius.dirs b/debian/freeradius.dirs index d5c578829aa..66c62bfc4d7 100644 --- a/debian/freeradius.dirs +++ b/debian/freeradius.dirs @@ -1,2 +1,3 @@ usr/lib/freeradius var/log/freeradius +var/lib/freeradius diff --git a/debian/freeradius.postinst b/debian/freeradius.postinst index d1ad8107397..ce51a1d66c1 100644 --- a/debian/freeradius.postinst +++ b/debian/freeradius.postinst @@ -17,6 +17,11 @@ case "$1" in dpkg-statoverride --add --update freerad freerad 0755 /var/run/freeradius fi + if ! dpkg-statoverride --list | grep -q /var/lib/freeradius$; then + mkdir -p /var/lib/freeradius + dpkg-statoverride --add --update freerad freerad 0755 /var/lib/freeradius + fi + if ! dpkg-statoverride --list | grep -q /var/log/freeradius$; then mkdir -p /var/log/freeradius dpkg-statoverride --add --update freerad freerad 0750 /var/log/freeradius diff --git a/debian/freeradius.service b/debian/freeradius.service index b48b69081f1..475d11f0488 100644 --- a/debian/freeradius.service +++ b/debian/freeradius.service @@ -17,6 +17,11 @@ EnvironmentFile=-/etc/default/freeradius # We provide HOSTNAME here for convenience. Environment=HOSTNAME=%H +# Not needed/used unless the freeradius-snmp package is installed. +# Used by snmptrap and friends to determine where to stored persistent +# configuration files. +Environment=SNMP_PERSISTENT_DIR=/var/lib/freeradius/snmp + # Limit memory to 2G this is fine for %99.99 of deployments. FreeRADIUS # is not memory hungry, if it's using more than this, then there's probably # a leak somewhere. @@ -65,5 +70,11 @@ ReadOnlyDirectories=/etc/freeradius/ # We can read and write to the log directory. ReadWriteDirectories=/var/log/freeradius/ +# We can read and write to our run dir +ReadWriteDirectories=/var/run/freeradius/ + +# We can read and write to our persistent dir +ReadWriteDirectories=/var/lib/freeradius/ + [Install] WantedBy=multi-user.target diff --git a/redhat/freeradius.spec b/redhat/freeradius.spec index bb7460dd949..dbebc5dec7b 100644 --- a/redhat/freeradius.spec +++ b/redhat/freeradius.spec @@ -714,8 +714,8 @@ fi %{initddir}/radiusd %endif -%dir %attr(755,radiusd,radiusd) /var/lib/radiusd -%dir %attr(755,radiusd,radiusd) /var/run/radiusd/ +%dir %attr(755,radiusd,radiusd) %{_sharedstatedir}/radiusd/ +%dir %attr(755,radiusd,radiusd) %{_rundir}/radiusd/ # binaries %defattr(-,root,root) /usr/sbin/checkrad @@ -913,6 +913,7 @@ fi %defattr(-,root,root) /usr/bin/radsnmp %{_datadir}/snmp/mibs/* +%dir %attr(750,radiusd,radiusd) %{_sharedstatedir}/radiusd/snmp %files perl-util %defattr(-,root,root) diff --git a/redhat/radiusd.service b/redhat/radiusd.service index 0932102d38a..e5b84c6c49c 100644 --- a/redhat/radiusd.service +++ b/redhat/radiusd.service @@ -17,6 +17,11 @@ EnvironmentFile=-/etc/sysconfig/radiusd # We provide HOSTNAME here for convenience. Environment=HOSTNAME=%H +# Not needed/used unless the freeradius-snmp package is installed. +# Used by snmptrap and friends to determine where to stored persistent +# configuration files. +Environment=SNMP_PERSISTENT_DIR=/var/lib/radiusd/snmp + # Limit memory to 2G this is fine for %99.99 of deployments. FreeRADIUS # is not memory hungry, if it's using more than this, then there's probably # a leak somewhere. @@ -64,5 +69,11 @@ ReadOnlyDirectories=/etc/raddb/ # We can read and write to the log directory. ReadWriteDirectories=/var/log/radius/ +# We can read and write to our run dir +ReadWriteDirectories=/var/run/radiusd/ + +# We can read and write to our persistent dir +ReadWriteDirectories=/var/lib/radiusd/ + [Install] WantedBy=multi-user.target