Path to this page:
./
net/freeradius,
Free RADIUS server implementation
Branch: CURRENT,
Version: 3.2.5nb2,
Package name: freeradius-3.2.5nb2,
Maintainer: pkgsrc-usersFreeRADIUS is the most widely deployed RADIUS server in the world.
It is the basis for multiple commercial offerings.
DEINSTALL [+/-]# $NetBSD: DEINSTALL,v 1.5 2023/04/05 09:16:42 adam Exp $
#
# Remove default symlinks in ${PKG_SYSCONFDIR} for enabled modules/sites
#
SITES_ENABLED="default inner-tunnel"
MODS_ENABLED="always attr_filter chap date detail detail.log
digest dynamic_clients eap echo exec expiration expr
files linelog logintime mschap ntlm_auth pap passwd preprocess
radutmp realm replicate soh sradutmp totp unix unpack utf8"
case ${STAGE} in
DEINSTALL)
${ECHO} "Removing default modules and sites"
for s in ${SITES_ENABLED}; do
${RM} -f @PKG_SYSCONFDIR@/sites-enabled/${s}
done
for m in ${MODS_ENABLED}; do
${RM} -f @PKG_SYSCONFDIR@/mods-enabled/${m}
done
${RMDIR} @PKG_SYSCONFDIR@/sites-enabled
${RMDIR} @PKG_SYSCONFDIR@/mods-enabled
${RM} @PKG_SYSCONFDIR@/hints
${RM} @PKG_SYSCONFDIR@/huntgroups
${RM} @PKG_SYSCONFDIR@/users
;;
esac
MESSAGE.pam [+/-]===========================================================================
$NetBSD: MESSAGE.pam,v 1.2 2006/08/11 16:23:39 adrianp Exp $
Certain PAM modules require that radiusd run as root in order to
perform privileged operations. However, other PAM modules (e.g. pam-dbm),
will work with with radiusd running as non-root if the non-root user is
given the permissions necessary.
If you will be using a PAM module that requires radiusd to run as root
you can set the following in /etc/mk.conf:
RADIUS_USER=root
RADIUS_GROUP=wheel
And then re-install freeradius. Alternatively, you can just change the
following settings in your ${PKG_SYSCONFDIR}/radiusd.conf
user = root
group = wheel
===========================================================================
Required to run:[
databases/gdbm] [
security/openssl] [
devel/talloc]
Required to build:[
pkgtools/cwrappers]
Master sites:
Filesize: 3416.943 KB
Version history: (Expand)
- (2024-11-01) Updated to version: freeradius-3.2.5nb2
- (2024-11-01) Updated to version: freeradius-3.2.5nb1
- (2024-07-24) Updated to version: freeradius-3.2.5
- (2024-06-19) Updated to version: freeradius-3.2.4
- (2024-05-29) Updated to version: freeradius-3.2.3nb4
- (2023-11-08) Updated to version: freeradius-3.2.3nb3
CVS history: (Expand)
2024-01-12 15:30:12 by Jonathan Perkin | Files touched by this commit (1) |
Log message:
freeradius: Remove DEPMETHOD=build for dependencies.
The modules already have a full dependency on freeradius, which in turn has
a full dependency on all of these dependencies, so this does nothing but
cause indirect library dependency issues.
|
2023-11-08 14:21:43 by Thomas Klausner | Files touched by this commit (2377) |
Log message:
*: recursive bump for icu 74.1
|
2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message:
*: bump for openssl 3
|
2023-08-14 07:25:36 by Thomas Klausner | Files touched by this commit (1247) |
Log message:
*: recursive bump for Python 3.11 as new default
|
2023-06-20 10:38:09 by Adam Ciarcinski | Files touched by this commit (2) |
Log message:
freeradius: fix missing SOL_TCP
|
2023-06-17 20:19:06 by Adam Ciarcinski | Files touched by this commit (9) | |
Log message:
freeradius: updated to 3.2.3
Version 3.2.3 has been released.
The focus of this release is stability.
|
2023-04-19 10:12:01 by Adam Ciarcinski | Files touched by this commit (2359) | |
Log message:
revbump after textproc/icu update
|
2023-04-05 11:16:43 by Adam Ciarcinski | Files touched by this commit (12) | |
Log message:
freeradius: updated to 3.2.2
Version 3.2.2
FEATURE IMPROVEMENTS
The "configure" process now gives a much clearer report when it's \
finished. Patches by Matthew Newton.
Fallback to "uname -n" on missing "hostname".
Export thread details in radmin "stats threads".
Improve queries for processing radacct into periodic usage data Fix from Nick Porter.
Update dictionary.juniper.
Add dictionary.calix.
Fix dictionary.rfc6519 DS-Lite-Tunnel-Name to be "octets".
Update documentation for robust-proxy-accounting, and be more aggressive about \
sending packets.
Add per-module README.md files in the source.
Add default Visual Studio configuration for developers.
Postgres can now automatically use alternate queries for errors other than \
duplicate keys.
%{listen:TLS-PSK-Identity} is now set when using PSK and psk_query This helps \
the server track the identity of the client which is connecting.
Include thread stats in Status-Server attributes.
Mark rlm_unbound stable and add to packages. Patches by Nick Porter.
Remove broken/unsupported Dockerfiles for centos8 and debian9.
Ensure Docker containers have stable uid/gid. Patches from Terry Burton.
BUG FIXES
Preliminary support for non-blocking TLS sockets.
Fix support for partial certificate chains after adding reload support.
Fix handling of debug_condition.
Clean up home server states, and re-sync with the dictionaries.
Correct certificate order when creating TLS-* attributes
Update use of isalpha() etc. so broken configurations have less impact on the server.
Outgoing TLS sockets now set SNI correctly from the "hostname" \
configuration item.
Support Apple Homebrew on the M1.
Better error messages when %{listen:TLS-...} is used.
Getting statistics via Status-Server can now be done within a virtual server.
Make TTLS+MS-CHAP work with TLS 1.3.
Fix md5 xlat memory leak when using OpenSSL 3. Fix by Terry Burton.
Version 3.2.1
FEATURE IMPROVEMENTS
Add dictionary.ciena, dictionary.nile, and DHCPv4 dictionaries,.
Add simultaneous-use queries for MS SQL.
Add radmin command for "stats pool <module-name>" Which prints \
out statistics about the connection pools.
Client statistics now shows "conflicts", to count conflicting packets.
New optional "lightweight accounting-on/off" strategy. When refreshing \
queries.conf you should also add the new nasreload table and corresponding \
GRANTs to your DB schema.
Add TLS-Client-Cert-X509v3-Certificate-Policies, which helps with Eduroam. \
Suggested by Stefan Winter.
Allow auth+acct for TCP sockets, too.
Add rlm_cache_redis. See raddb/mods-available/cache for details.
Allow radmin to look up home servers by name, too.
Ensure that dynamic clients don't create loops on duplicates Reported by Sam Yee.
Removed rlm_sqlhpwippool. There was no documentation, no configuration, and the \
module was ~15 years old with no one using it.
Marked rlm_python3 as stable.
Add sigalgs_list. See raddb/mods-available/eap. Patch from Boris Lytochkin.
For rlm_linelog, when opening files in /dev, look at "permissions" to \
see whether to open them r/w.
More flexibility for dynamic home servers. See \
doc/configuration/dynamic_home_servers.md and raddb/home_servers/README.md.
Allow setting of application_name for PostgreSQL. See mods-available/sql.
BUG FIXES
Correct test for open sessions in radacct for MS SQL.
The linelog module now opens /dev/stdout in "write-only" mode if the \
permissions are set to "u+w" (0002).
Various fixes to rlm_unbound from Nick Porter.
PEAP now correctly runs Post-Auth-Type Accept.
Create "TLS-Cert-*" for outbound Radsec, instead of TLS-Client-Cert-*. \
See sites-available/tls, and fix_cert_order.
Minor updates and fixes to CI, Dockerfiles and packaging.
Fix rlm_python3 build with python >= 3.10.
|