aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJakub Jirutka <jakub@jirutka.cz>2020-02-13 23:59:55 +0100
committerJakub Jirutka <jakub@jirutka.cz>2020-02-14 12:13:52 +0100
commita0553571b25cb8e8ec03e3170c45e449bbdbacb5 (patch)
tree7f00aa9d5fdfeb2c48afb1775acd05d0e0e5f9af
parent04382d03418bdfccbf56091259eaa7524ac2e39e (diff)
downloadaports-a0553571b25cb8e8ec03e3170c45e449bbdbacb5.tar.gz
aports-a0553571b25cb8e8ec03e3170c45e449bbdbacb5.tar.bz2
aports-a0553571b25cb8e8ec03e3170c45e449bbdbacb5.tar.xz
main/freeradius: fix default location of db_dir and run_dir
This shouldn't be in /etc, as even the comment above suggests. Both Fedora and Debian changes this to the correct location, /var/lib/radiusd. Also specify real openssl location.
-rw-r--r--main/freeradius/APKBUILD7
-rw-r--r--main/freeradius/default-config.patch (renamed from main/freeradius/freeradius-313-default-config.patch)38
2 files changed, 35 insertions, 10 deletions
diff --git a/main/freeradius/APKBUILD b/main/freeradius/APKBUILD
index bfc260fcae..5085a62b60 100644
--- a/main/freeradius/APKBUILD
+++ b/main/freeradius/APKBUILD
@@ -4,7 +4,7 @@
# Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
pkgname=freeradius
pkgver=3.0.20
-pkgrel=3
+pkgrel=4
pkgdesc="RADIUS (Remote Authentication Dial-In User Service) server"
url="https://freeradius.org/"
arch="all"
@@ -66,7 +66,7 @@ source="ftp://ftp.freeradius.org/pub/freeradius/$pkgname-server-$pkgver.tar.gz
musl-fix-headers.patch
fix-scopeid.patch
- freeradius-313-default-config.patch
+ default-config.patch
Fix-permissions-of-certs-in-bootstrap-fallback.patch
fix-request_running-segfault.patch
"
@@ -138,6 +138,7 @@ package() {
install -d -m0750 -o radius -g radius \
"$pkgdir"/var/run/radius \
+ "$pkgdir"/var/lib/radiusd \
"$pkgdir"/var/log/radius \
"$pkgdir"/var/log/radius/radacct
@@ -311,6 +312,6 @@ e248159c0a44f722e405c51c8015d9ad672e42ad0d38ca28f8a051ff911aa4d3e630b9bd4543e9d6
ba3c424d4eabb147c7aa3e31575a87ddb26b6a792d2a8714e73d8763e07854326a03a83991a7420246ca06bf0b93d0a6f23ec198f5e48647f9d25b40067e852a freeradius.initd
c49e5eec7497fccde5fd09dba1ea9b846e57bc88015bd81640aa531fb5c9b449f37136f42c85fe1d7940c5963aed664b85da28442b388c9fb8cc27873df03b2d musl-fix-headers.patch
41d478c0e40ff82fc36232964037c1ab8ffca9fdbb7dca02ed49319906e751c133b5d7bc7773c645cec6d9d39d1de69cba25e8d59afa8d6662563dd17f35f234 fix-scopeid.patch
-666e15a3c3e5b98ff8c3168de85b341606af5e2790af379ddec46464e9d7de14a715876a34ba1eb7fa47ddead23f7134128d591db32309db0e4acbdb6f21ef5e freeradius-313-default-config.patch
+14fdb7176a6e76bb078f71ae494da4f675bcdd4a90cac7ac17cc34fab5107b1faef7b37c5551917e9fb81ab26fb4e2186e23766ac2bba06db911d4b3cd7fad0b default-config.patch
f88cb4ae335d67211c8563b6df88e20ee3729e57aa56423f99b518f83b190479b38bb189a0ab53c70ef9709a6229ccaa506ea6b79844cbfd4f2a7f0c7c292045 Fix-permissions-of-certs-in-bootstrap-fallback.patch
7ddf75901f635216b0d972c14631334a8138e0dbb021685bb6b3a996f38d232b84146c621dae541b00f6149fa401e835d1579bbacd27fad72a80bacd4391b404 fix-request_running-segfault.patch"
diff --git a/main/freeradius/freeradius-313-default-config.patch b/main/freeradius/default-config.patch
index 9d093493f0..879722670d 100644
--- a/main/freeradius/freeradius-313-default-config.patch
+++ b/main/freeradius/default-config.patch
@@ -1,6 +1,19 @@
---- freeradius-server-3.0.13.orig/raddb/radiusd.conf.in
-+++ freeradius-server-3.0.13/raddb/radiusd.conf.in
-@@ -436,8 +436,8 @@
+--- a/raddb/radiusd.conf.in
++++ b/raddb/radiusd.conf.in
+@@ -98,10 +98,9 @@
+ modconfdir = ${confdir}/mods-config
+ certdir = ${confdir}/certs
+ cadir = ${confdir}/certs
+-run_dir = ${localstatedir}/run/${name}
++run_dir = /run/${name}
+
+-# Should likely be ${localstatedir}/lib/radiusd
+-db_dir = ${raddbdir}
++db_dir = ${localstatedir}/lib/radiusd
+
+ #
+ # libdir: Where to find the rlm_* modules.
+@@ -501,8 +500,8 @@
# member. This can allow for some finer-grained access
# controls.
#
@@ -11,8 +24,8 @@
# Core dumps are a bad thing. This should only be set to
# 'yes' if you're debugging a problem with the server.
---- freeradius-server-3.0.13.orig/raddb/sites-available/default
-+++ freeradius-server-3.0.13/raddb/sites-available/default
+--- a/raddb/sites-available/default
++++ b/raddb/sites-available/default
@@ -379,10 +379,10 @@
# uncomment it as well; this will further reduce the number of
# LDAP and/or SQL queries for TTLS or PEAP.
@@ -54,8 +67,8 @@
#
# If the server tries to proxy a request and fails, then the
---- freeradius-server-3.0.13.orig/raddb/sites-available/inner-tunnel
-+++ freeradius-server-3.0.13/raddb/sites-available/inner-tunnel
+--- a/raddb/sites-available/inner-tunnel
++++ b/raddb/sites-available/inner-tunnel
@@ -131,9 +131,9 @@
# for the many packets that go back and forth to set up TTLS
# or PEAP. The load on those servers will therefore be reduced.
@@ -87,3 +100,14 @@
}
} # inner-tunnel server block
+--- a/raddb/mods-available/eap
++++ b/raddb/mods-available/eap
+@@ -586,7 +586,7 @@
+ # deleted by the server when the command
+ # returns.
+ #
+- # client = "/path/to/openssl verify -CApath ${..ca_path} %{TLS-Client-Cert-Filename}"
++ # client = "/usr/bin/openssl verify -CApath ${..ca_path} %{TLS-Client-Cert-Filename}"
+ }
+
+ # OCSP Configuration