[gentoo-commits] repo/gentoo:master commit in: net-dialup/freeradius/, net-dialup/freeradius/files/

[gentoo-commits] repo/gentoo:master commit in: net-dialup/freeradius/, net-dialup/freeradius/files/

[Matt Turner]

commit:     9a502883369ac2d353e09468aa6d0ac71c5b73a2
Author:     Matt Turner <mattst88 <AT> gentoo <DOT> org>
AuthorDate: Wed Nov 23 18:19:55 2016 +0000
Commit:     Matt Turner <mattst88 <AT> gentoo <DOT> org>
CommitDate: Sat Nov 26 22:27:17 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9a502883

net-dialup/freeradius: Run service as radius user by default.

Bug: https://bugs.gentoo.org/465768

 net-dialup/freeradius/files/radius.conf-r4        | 16 ++++++++++++++++
 net-dialup/freeradius/freeradius-3.0.12-r1.ebuild |  6 +++++-
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/net-dialup/freeradius/files/radius.conf-r4 b/net-dialup/freeradius/files/radius.conf-r4
new file mode 100644
index 00000000..a5760d2
--- /dev/null
+++ b/net-dialup/freeradius/files/radius.conf-r4
@@ -0,0 +1,16 @@
+# Config file for /etc/init.d/radiusd
+
+# see man pages for radiusd run `radiusd -h`
+# for valid cmdline options
+#RADIUSD_OPTS=""
+
+# Change this value if you change it in /etc/raddb/radiusd.conf
+pidfile=/var/run/radiusd/radiusd.pid
+
+# Change these values if you change them in /etc/raddb/radiusd.conf
+RADIUSD_USER=radius
+RADIUSD_GROUP=radius
+
+# If you set up logging to syslog in /etc/raddb/radiusd.conf, you want
+# to uncomment the following line.
+#rc_use="logger"

diff --git a/net-dialup/freeradius/freeradius-3.0.12-r1.ebuild b/net-dialup/freeradius/freeradius-3.0.12-r1.ebuild
index 48c72ca..f69459b 100644
--- a/net-dialup/freeradius/freeradius-3.0.12-r1.ebuild
+++ b/net-dialup/freeradius/freeradius-3.0.12-r1.ebuild
@@ -98,6 +98,8 @@ src_prepare() {
 	}
 
 	sed -i \
+		-e 's:^#\tuser = :\tuser = :g' \
+		-e 's:^#\tgroup = :\tgroup = :g' \
 		-e 's:/var/run/radiusd:/run/radiusd:g' \
 		-e '/^run_dir/s:${localstatedir}::g' \
 		raddb/radiusd.conf.in || die
@@ -196,7 +198,7 @@ src_install() {
 	rm "${D}/usr/sbin/rc.radiusd" || die
 
 	newinitd "${FILESDIR}/radius.init-r3" radiusd
-	newconfd "${FILESDIR}/radius.conf-r3" radiusd
+	newconfd "${FILESDIR}/radius.conf-r4" radiusd
 
 	prune_libtool_files
 }
@@ -205,6 +207,8 @@ pkg_config() {
 	if use ssl; then
 		cd "${ROOT}"/etc/raddb/certs
 		./bootstrap
+
+		chown -R root:radius "${ROOT}"/etc/raddb/certs
 	fi
 }
 

[gentoo-commits] repo/gentoo:master commit in: net-dialup/freeradius/, net-dialup/freeradius/files/

[Matt Turner]

commit:     4c3aa39b372aab04214d850034ca822071ea6e05
Author:     Matt Turner <mattst88 <AT> gentoo <DOT> org>
AuthorDate: Sat Nov 26 21:47:22 2016 +0000
Commit:     Matt Turner <mattst88 <AT> gentoo <DOT> org>
CommitDate: Sat Nov 26 22:27:17 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4c3aa39b

net-dialup/freeradius: Add systemd unit files.

Bug: https://bugs.gentoo.org/show_bug.cgi?id=543464

 net-dialup/freeradius/files/freeradius.service    | 15 +++++++++++++++
 net-dialup/freeradius/files/freeradius.tmpfiles   |  1 +
 net-dialup/freeradius/freeradius-3.0.12-r1.ebuild |  7 ++++---
 3 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/net-dialup/freeradius/files/freeradius.service b/net-dialup/freeradius/files/freeradius.service
new file mode 100644
index 00000000..5304f07
--- /dev/null
+++ b/net-dialup/freeradius/files/freeradius.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=FreeRADIUS high performance RADIUS server.
+After=syslog.target network.target
+
+[Service]
+Type=simple
+PIDFile=/run/radiusd/radiusd.pid
+ExecStartPre=-/bin/chown -R radius.radius /run/radiusd
+ExecStartPre=/usr/sbin/radiusd -C
+ExecStart=/usr/sbin/radiusd -d /etc/raddb -f
+ExecReload=/usr/sbin/radiusd -C
+ExecReload=/bin/kill -HUP $MAINPID
+
+[Install]
+WantedBy=multi-user.target

diff --git a/net-dialup/freeradius/files/freeradius.tmpfiles b/net-dialup/freeradius/files/freeradius.tmpfiles
new file mode 100644
index 00000000..21620c9
--- /dev/null
+++ b/net-dialup/freeradius/files/freeradius.tmpfiles
@@ -0,0 +1 @@
+d /run/radiusd 0755 radius radius -

diff --git a/net-dialup/freeradius/freeradius-3.0.12-r1.ebuild b/net-dialup/freeradius/freeradius-3.0.12-r1.ebuild
index f69459b..dedda6b 100644
--- a/net-dialup/freeradius/freeradius-3.0.12-r1.ebuild
+++ b/net-dialup/freeradius/freeradius-3.0.12-r1.ebuild
@@ -5,9 +5,7 @@
 EAPI=6
 
 PYTHON_COMPAT=( python2_7 )
-inherit autotools eutils pam python-any-r1 user
-
-#PATCHSET=4
+inherit autotools eutils pam python-any-r1 systemd user
 
 MY_P="${PN}-server-${PV}"
 
@@ -200,6 +198,9 @@ src_install() {
 	newinitd "${FILESDIR}/radius.init-r3" radiusd
 	newconfd "${FILESDIR}/radius.conf-r4" radiusd
 
+	systemd_newtmpfilesd "${FILESDIR}"/freeradius.tmpfiles freeradius.conf
+	systemd_dounit "${FILESDIR}"/freeradius.service
+
 	prune_libtool_files
 }
 

[gentoo-commits] repo/gentoo:master commit in: net-dialup/freeradius/, net-dialup/freeradius/files/

[Pacho Ramos]

commit:     3a66685246169d3f54d4bd60cc2bfd8b0cab80b9
Author:     Pacho Ramos <pacho <AT> gentoo <DOT> org>
AuthorDate: Tue Jun  6 17:18:08 2017 +0000
Commit:     Pacho Ramos <pacho <AT> gentoo <DOT> org>
CommitDate: Tue Jun  6 17:28:35 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3a666852

net-dialup/freeradius: Drop old

Package-Manager: Portage-2.3.6, Repoman-2.3.2

 net-dialup/freeradius/Manifest                     |   2 -
 .../freeradius/files/freeradius-2.2.5-gentoo.patch | 104 -----------
 net-dialup/freeradius/files/radius.conf-r3         |  16 --
 net-dialup/freeradius/freeradius-2.2.9-r2.ebuild   | 195 ---------------------
 4 files changed, 317 deletions(-)

diff --git a/net-dialup/freeradius/Manifest b/net-dialup/freeradius/Manifest
index 0886686ea08..2ac67f0326d 100644
--- a/net-dialup/freeradius/Manifest
+++ b/net-dialup/freeradius/Manifest
@@ -1,3 +1 @@
-DIST freeradius-2.2.0-patches-4.tar.xz 3140 SHA256 9fd7b6f7e1501d63a073e6279b20eb6d8154e7898d81c85a5c548543ab33c1af SHA512 38ebd65d9ad8ce8f513f2f5c7fd9ff43b81cf468038a49f9eb7f4a54d13783e88866c3031e7abc0fc8b65d2aec4f347efa358b9e7e2aadb2d15567ce7e125d1d WHIRLPOOL a532444f6bfebe260a6b4bf43157fa1624ce9920a86635172ac94e0f757263904bac6ca6a472e12df73e32a8d25d6f7b094272bd743d13c566f23bfcbff6df27
-DIST freeradius-server-2.2.9.tar.gz 4424239 SHA256 e1b8fcdb7467719ecd760678b628a733b3d14e998dc240d8563c5093f98aacd3 SHA512 a631f68165fe96d030c7d15ebc72ed3885badf089ad155204a773686747f17f355181f087e389c76b96525affcd54f4c16e4a7788375968eef0899c6a416a27e WHIRLPOOL 14382f14a7fe0943733e445b8ea334745d5c01596bf2530ff0c8dd53c3cc3836f8895b95c1128dcc71db5b95361e9a5829a6abb136422cb819e98656ca8a2ca9
 DIST freeradius-server-3.0.13.tar.gz 4810570 SHA256 34da25c1a0e39dc57821ed6d1af1c1cc8bb7e280169cc8b4003acbfc4184328e SHA512 b4cb6203ca34ec459ea0f4f7960b4c5039ecd1be3de005251213ab6a9254d11fa9534b96d222eb83e6b35966aaeb6081362fd103eb73e0d76c009a655a47277f WHIRLPOOL 74dffb672cfc42060a9b133d60b4e4fe90207912f87549b212f5cf3e34adc315006edec161a5884d6977ede35c3f7f9bcd72085ee07ecc1c0dc6fe16b9d9e9b7

diff --git a/net-dialup/freeradius/files/freeradius-2.2.5-gentoo.patch b/net-dialup/freeradius/files/freeradius-2.2.5-gentoo.patch
deleted file mode 100644
index c51597cbb92..00000000000
--- a/net-dialup/freeradius/files/freeradius-2.2.5-gentoo.patch
+++ /dev/null
@@ -1,104 +0,0 @@
---- a/raddb/radiusd.conf.in
-+++ b/raddb/radiusd.conf.in
-@@ -103,7 +103,7 @@
- #	make
- #	make install
- #
--libdir = @libdir@
-+libdir = @libdir@/freeradius
- 
- #  pidfile: Where to place the PID of the RADIUS server.
- #
---- a/src/modules/Makefile
-+++ b/src/modules/Makefile
-@@ -12,7 +12,7 @@
- 	@$(MAKE) $(MFLAGS) WHAT_TO_MAKE=$@ common
- 
- install:
--	$(INSTALL) -d -m 755 $(R)$(libdir)
-+	$(INSTALL) -d -m 755 $(R)$(pkglibdir)
- 	@$(MAKE) $(MFLAGS) WHAT_TO_MAKE=$@ common
- 
- clean:
---- a/src/modules/rules.mak
-+++ b/src/modules/rules.mak
-@@ -122,7 +122,7 @@
- $(TARGET).la: $(RLM_SUBDIRS) $(LT_OBJS)
- 	$(LIBTOOL) --mode=link --tag=CC $(CC) -release $(RADIUSD_VERSION_STRING) \
- 	-module $(LINK_MODE) $(LDFLAGS) $(RLM_LDFLAGS) -o $@     \
--	-rpath $(libdir) $^ $(LIBRADIUS) $(RLM_LIBS) $(LIBS)
-+	-rpath $(pkglibdir) $^ $(LIBRADIUS) $(RLM_LIBS) $(LIBS)
- 
- #######################################################################
- #
-@@ -163,13 +163,11 @@
- #  Do any module-specific installation.
- #
- #  If there isn't a TARGET defined, then don't do anything.
--#  Otherwise, install the libraries into $(libdir)
-+#  Otherwise, install the libraries into $(pkglibdir)
- #
- install:
- 	@[ "x$(RLM_INSTALL)" = "x" ] || $(MAKE) $(MFLAGS) $(RLM_INSTALL)
- 	if [ "x$(TARGET)" != "x" ]; then \
- 	    $(LIBTOOL) --mode=install $(INSTALL) -c \
--		$(TARGET).la $(R)$(libdir)/$(TARGET).la || exit $$?; \
--	    rm -f $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION_STRING).la; \
--	    ln -s $(TARGET).la $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION_STRING).la || exit $$?; \
-+		$(TARGET).la $(R)$(pkglibdir)/$(TARGET).la || exit $$?; \
- 	fi
---- a/src/modules/rlm_sql/drivers/rules.mak
-+++ b/src/modules/rlm_sql/drivers/rules.mak
-@@ -103,7 +103,7 @@
- $(TARGET).la: $(LT_OBJS)
- 	$(LIBTOOL) --mode=link --tag=CC $(CC) -release $(RADIUSD_VERSION_STRING) \
- 	-module $(LINK_MODE) $(LDFLAGS) $(RLM_SQL_LDFLAGS) -o $@ \
--	-rpath $(libdir) $^ $(RLM_SQL_LIBS)
-+	-rpath $(pkglibdir) $^ $(RLM_SQL_LIBS)
- 
- #######################################################################
- #
-@@ -141,12 +141,10 @@
- #  Do any module-specific installation.
- #
- #  If there isn't a TARGET defined, then don't do anything.
--#  Otherwise, install the libraries into $(libdir)
-+#  Otherwise, install the libraries into $(pkglibdir)
- #
- install:
- 	if [ "x$(TARGET)" != "x" ]; then \
- 	    $(LIBTOOL) --mode=install $(INSTALL) -c \
--		$(TARGET).la $(R)$(libdir)/$(TARGET).la || exit $$?; \
--	    rm -f $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION_STRING).la; \
--	    ln -s $(TARGET).la $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION_STRING).la || exit $$?; \
-+		$(TARGET).la $(R)$(pkglibdir)/$(TARGET).la || exit $$?; \
- 	fi
---- a/src/lib/Makefile
-+++ b/src/lib/Makefile
-@@ -42,7 +42,7 @@
- 
- $(TARGET).la: $(LT_OBJS)
- 	$(LIBTOOL) --mode=link --tag=CC $(CC) -release $(RADIUSD_VERSION) \
--	$(LDFLAGS) $(LINK_MODE) -o $@ -rpath $(libdir) $^
-+	$(LDFLAGS) $(LINK_MODE) -o $@ -rpath $(libdir) $^ $(LIBS)
- 
- $(LT_OBJS): $(INCLUDES)
- 
-@@ -54,7 +54,5 @@
- 	$(INSTALL) -d -m 755	$(R)$(libdir)
- 	$(LIBTOOL) --mode=install $(INSTALL) -c $(TARGET).la \
- 		$(R)$(libdir)/$(TARGET).la
--	rm -f $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION).la;
--	ln -s $(TARGET).la $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION).la
- 
- reconfig:
---- a/Make.inc.in
-+++ b/Make.inc.in
-@@ -10,6 +10,7 @@
- sysconfdir	= @sysconfdir@
- localstatedir	= @localstatedir@
- libdir		= @libdir@
-+pkglibdir	= @libdir@/freeradius
- bindir		= @bindir@
- sbindir		= @sbindir@
- docdir		= @docdir@

diff --git a/net-dialup/freeradius/files/radius.conf-r3 b/net-dialup/freeradius/files/radius.conf-r3
deleted file mode 100644
index 3c1bf3228cb..00000000000
--- a/net-dialup/freeradius/files/radius.conf-r3
+++ /dev/null
@@ -1,16 +0,0 @@
-# Config file for /etc/init.d/radiusd
-
-# see man pages for radiusd run `radiusd -h`
-# for valid cmdline options
-#RADIUSD_OPTS=""
-
-# Change this value if you change it in /etc/raddb/radiusd.conf
-pidfile=/var/run/radiusd/radiusd.pid
-
-# Change these values if you change them in /etc/raddb/radiusd.conf
-#RADIUSD_USER=radius
-#RADIUSD_GROUP=radius
-
-# If you set up logging to syslog in /etc/raddb/radiusd.conf, you want
-# to uncomment the following line.
-#rc_use="logger"

diff --git a/net-dialup/freeradius/freeradius-2.2.9-r2.ebuild b/net-dialup/freeradius/freeradius-2.2.9-r2.ebuild
deleted file mode 100644
index e3291aaa99a..00000000000
--- a/net-dialup/freeradius/freeradius-2.2.9-r2.ebuild
+++ /dev/null
@@ -1,195 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-PYTHON_COMPAT=( python2_7 )
-inherit autotools eutils pam python-any-r1 user
-
-PATCHSET=4
-
-MY_P="${PN}-server-${PV}"
-
-DESCRIPTION="Highly configurable free RADIUS server"
-SRC_URI="
-	ftp://ftp.freeradius.org/pub/radius/${MY_P}.tar.gz
-	ftp://ftp.freeradius.org/pub/radius/old/${MY_P}.tar.gz
-	https://dev.gentoo.org/~flameeyes/${PN}/${PN}-2.2.0-patches-${PATCHSET}.tar.xz
-
-"
-HOMEPAGE="http://www.freeradius.org/"
-
-KEYWORDS="amd64 ~ppc ~ppc64 ~sparc x86 ~x86-fbsd"
-LICENSE="GPL-2"
-SLOT="0"
-
-IUSE="
-	debug firebird iodbc kerberos ldap mysql odbc oracle pam pcap
-	postgres python readline sqlite ssl
-"
-RESTRICT="firebird? ( bindist )"
-
-RDEPEND="!net-dialup/cistronradius
-	!net-dialup/gnuradius
-	sys-devel/libtool
-	dev-lang/perl:=
-	sys-libs/gdbm
-	python? ( ${PYTHON_DEPS} )
-	readline? ( sys-libs/readline:0= )
-	pcap? ( net-libs/libpcap )
-	mysql? ( virtual/mysql )
-	postgres? ( dev-db/postgresql:= )
-	firebird? ( dev-db/firebird )
-	pam? ( virtual/pam )
-	ssl? ( dev-libs/openssl:0= )
-	ldap? ( net-nds/openldap )
-	kerberos? ( virtual/krb5 )
-	sqlite? ( dev-db/sqlite:3 )
-	odbc? ( dev-db/unixODBC )
-	iodbc? ( dev-db/libiodbc )
-	oracle? ( dev-db/oracle-instantclient-basic )"
-DEPEND="${RDEPEND}"
-
-S="${WORKDIR}/${MY_P}"
-
-pkg_setup() {
-	enewgroup radius
-	enewuser radius -1 -1 /var/log/radius radius
-
-	python-any-r1_pkg_setup
-	export PYTHONBIN="${EPYTHON}"
-}
-
-src_prepare() {
-	eapply \
-		"${WORKDIR}"/patches/0002*patch \
-		"${WORKDIR}"/patches/0004*patch \
-		"${FILESDIR}"/${PN}-2.2.5-gentoo.patch
-
-	# most of the configuration options do not appear as ./configure
-	# switches. Instead it identifies the directories that are available
-	# and run through them. These might check for the presence of
-	# various libraries, in which case they are not built.  To avoid
-	# automagic dependencies, we just remove all the modules that we're
-	# not interested in using.
-
-	use ssl || { rm -r src/modules/rlm_eap/types/rlm_eap_{tls,ttls,peap} || die ; }
-	use ldap || { rm -r src/modules/rlm_ldap || die ; }
-	use kerberos || { rm -r src/modules/rlm_krb5 || die ; }
-	use pam || { rm -r src/modules/rlm_pam || die ; }
-	use python || { rm -r src/modules/rlm_python || die ; }
-	# Do not install ruby rlm module, bug #483108
-	rm -r src/modules/rlm_ruby || die
-
-	# these are all things we don't have in portage/I don't want to deal
-	# with myself
-	rm -r src/modules/rlm_eap/types/rlm_eap_tnc || die # requires TNCS library
-	rm -r src/modules/rlm_eap/types/rlm_eap_ikev2 || die # requires libeap-ikev2
-	rm -r src/modules/rlm_opendirectory || die # requires some membership.h
-	rm -r src/modules/rlm_redis{,who} || die # requires redis
-	rm -r src/modules/rlm_sql/drivers/rlm_sql_{db2,freetds,sybase} || die
-
-	# sql drivers that are not part of experimental are loaded from a
-	# file, so we have to remove them from the file itself when we
-	# remove them.
-	usesqldriver() {
-		local flag=$1
-		local driver=rlm_sql_${2:-${flag}}
-
-		if ! use ${flag}; then
-			rm -r src/modules/rlm_sql/drivers/${driver} || die
-			sed -i -e /${driver}/d src/modules/rlm_sql/stable || die
-		fi
-	}
-
-	usesqldriver mysql
-	usesqldriver postgres postgresql
-	usesqldriver firebird
-	usesqldriver iodbc
-	usesqldriver odbc unixodbc
-	usesqldriver oracle
-	usesqldriver sqlite
-
-	# remove bundled ltdl to avoid conflicts
-	rm -r libltdl
-
-	default
-
-	eautoreconf
-}
-
-src_configure() {
-	# fix bug #77613
-	if has_version app-crypt/heimdal; then
-		myconf+=( --enable-heimdal-krb5 )
-	fi
-
-	use readline || export ac_cv_lib_readline=no
-	use pcap || export ac_cv_lib_pcap_pcap_open_live=no
-
-	# do not try to enable static with static-libs; upstream is a
-	# massacre of libtool best practices so you also have to make sure
-	# to --enable-shared explicitly.
-	econf \
-		--enable-shared --disable-static \
-		--disable-ltdl-install \
-		--with-system-libtool \
-		--with-system-libltdl \
-		--with-ascend-binary \
-		--with-udpfromto \
-		--with-dhcp \
-		--with-iodbc-include-dir=/usr/include/iodbc \
-		--with-experimental-modules \
-		--with-docdir=/usr/share/doc/${PF} \
-		--with-logdir=/var/log/radius \
-		$(use_enable debug developer) \
-		$(use_with ldap edir) \
-		$(use_with ssl openssl) \
-		${myconf[@]}
-}
-
-src_compile() {
-	emake LIBTOOL=libtool
-}
-
-src_install() {
-	dodir /etc
-	diropts -m0750 -o root -g radius
-	dodir /etc/raddb
-	diropts -m0750 -o radius -g radius
-	dodir /var/log/radius
-	keepdir /var/log/radius/radacct
-	diropts
-
-	emake LIBTOOL=libtool R="${D}" install
-
-	fowners -R root:radius /etc/raddb
-
-	# Fixing pidfile location (#546482)
-	sed \
-		'/^run_dir =/s@${localstatedir}@@' \
-		-i "${D}"/etc/raddb/radiusd.conf || die
-
-	pamd_mimic_system radiusd auth account password session
-
-	dodoc CREDITS
-
-	rm "${D}/usr/sbin/rc.radiusd" || die
-
-	newinitd "${FILESDIR}/radius.init-r3" radiusd
-	newconfd "${FILESDIR}/radius.conf-r3" radiusd
-}
-
-pkg_config() {
-	if use ssl; then
-		cd "${ROOT}"/etc/raddb/certs
-		./bootstrap
-	fi
-}
-
-pkg_preinst() {
-	if ! has_version ${CATEGORY}/${PN} && use ssl; then
-		elog "You have to run \`emerge --config =${CATEGORY}/${PF}\` to be able"
-		elog "to start the radiusd service."
-	fi
-}

[gentoo-commits] repo/gentoo:master commit in: net-dialup/freeradius/, net-dialup/freeradius/files/

[Joonas Niilola]

commit:     41fa8efcbdcf5a899806a609c4186f47b16ba8ec
Author:     Daniele Rondina <geaaru <AT> gmail <DOT> com>
AuthorDate: Tue Dec 17 17:55:55 2019 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Wed Dec 18 16:32:37 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=41fa8efc

net-dialup/freeradius: Bump v.3.0.19

Package-Manager: Portage-2.3.69, Repoman-2.3.14
Closes: https://github.com/gentoo/gentoo/pull/13463
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 net-dialup/freeradius/Manifest                     |   1 +
 .../files/freeradius-3.0.19-systemd-service.patch  |  53 +++++
 net-dialup/freeradius/freeradius-3.0.19.ebuild     | 242 +++++++++++++++++++++
 3 files changed, 296 insertions(+)

diff --git a/net-dialup/freeradius/Manifest b/net-dialup/freeradius/Manifest
index 853b2a895bd..c997772def9 100644
--- a/net-dialup/freeradius/Manifest
+++ b/net-dialup/freeradius/Manifest
@@ -1,3 +1,4 @@
 DIST freeradius-server-3.0.15.tar.gz 4818244 BLAKE2B 24cded2c4f0c6fc6a6135058c40bb2c9d100a55161f2edfc388efba991ff85ecd0f546bc2008cc0c50f2753cf93ece8e67dc3fc0fe13a8b935193ff1f68514b9 SHA512 9b92045b445032bde9d421499fdc0f6a08d602c501730c31a8d3974b21cc5c12c78abb024ed62a176c7aa7fe260fe1d19386aaf558e0fecfcd3a0ba7aa47499c
 DIST freeradius-server-3.0.17.tar.gz 4843020 BLAKE2B 9e1f54a9f5ad8ede471881ffe4ec987c3ac655a3c39fcd920094760c006102be02f3b7f25b14379a0bac876ac0944e8698c2781bbd804cd22d8b915b6c13a693 SHA512 381222e452288c56a1bf68953be57379a5568f0c92de022abc3004cc6a15078d46535b867b31801de3eb096ba7af92e745e79decfa7cc8151a1ffb371b1aea79
 DIST freeradius-server-3.0.18.tar.gz 4884192 BLAKE2B 21df490f5eba4e0eca42127181fa02a9451abf5fc2b0d7c5e6d0c5c287eda739585500a31f480dccc618c3bbb4096fbe9258c1b2d3a2047951abf85d68784862 SHA512 b81c40cd22170adb1126b9dde6dd84411dfafce33e27da6c4665cb4fc524aab854a7cd4c80757db50899604d7980aec7216e1c53b8184af482c7113692a26458
+DIST freeradius-server-3.0.19.tar.gz 4886632 BLAKE2B 6e9b73eaa29344e4efca6ad19d8e86df8c625921441712b71cb54c2b0db78fc909748da42be837a9170fb6312be22f236956f0d2b169050a37ac8c4de143cc96 SHA512 8a914e2ad1fbeb4cf8c00aaf7eaa154ea17f70e4d58734716bfaf71b3ddef9f8f63a4d3217bdc07dfa776273e5bf090bc98f7bb16f5b565339ddc3b9c13e091f

diff --git a/net-dialup/freeradius/files/freeradius-3.0.19-systemd-service.patch b/net-dialup/freeradius/files/freeradius-3.0.19-systemd-service.patch
new file mode 100644
index 00000000000..37b67dfb21a
--- /dev/null
+++ b/net-dialup/freeradius/files/freeradius-3.0.19-systemd-service.patch
@@ -0,0 +1,53 @@
+--- a/debian/freeradius.service	2019-12-01 10:02:31.453150556 +0100
++++ b/debian/freeradius.service	2019-12-01 10:08:16.781370632 +0100
+@@ -4,11 +4,10 @@
+ Documentation=man:radiusd(8) man:radiusd.conf(5) http://wiki.freeradius.org/ http://networkradius.com/doc/
+ 
+ [Service]
+-Type=notify
+-WatchdogSec=60
+-NotifyAccess=all
+-PIDFile=/run/freeradius/freeradius.pid
+-EnvironmentFile=-/etc/default/freeradius
++# In 3.0.19 SystemD integration is broken.
++# Type=notify
++# WatchdogSec=60
++# NotifyAccess=all
+ 
+ # FreeRADIUS can do static evaluation of policy language rules based
+ # on environmental variables which is very useful for doing per-host
+@@ -26,17 +25,27 @@
+ # Ensure the daemon can still write its pidfile after it drops
+ # privileges. Combination of options that work on a variety of
+ # systems. Test very carefully if you alter these lines.
+-RuntimeDirectory=freeradius
++RuntimeDirectory=radiusd
+ RuntimeDirectoryMode=0775
+ # This does not work on Debian Jessie:
+-Group=freerad
+-# This does not work on Ubuntu Bionic:
+-ExecStartPre=/bin/chown freerad:freerad /var/run/freeradius
+-
+-ExecStartPre=/usr/sbin/freeradius $FREERADIUS_OPTIONS -Cx -lstdout
+-ExecStart=/usr/sbin/freeradius $FREERADIUS_OPTIONS
++Group=radius
++User=radius
++ExecStartPre=/usr/sbin/radiusd $RADIUSD_OPTS -Cx -lstdout
++ExecStart=/usr/sbin/radiusd -f $RADIUSD_OPTS
++ExecReload=/usr/sbin/radiusd -C $RADIUSD_OPTS
++ExecReload=/bin/kill -HUP $MAINPID
+ Restart=on-failure
+ RestartSec=5
++ReadOnlyDirectories=/etc/raddb/
++ReadWriteDirectories=/var/log/radius/
++# Security options (https://github.com/FreeRADIUS/freeradius-server/issues/2637)
++NoNewPrivileges=true
++CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
++PrivateTmp=true
++ProtectControlGroups=true
++ProtectKernelModules=true
++ProtectKernelTunables=true
++SystemCallArchitectures=native
+ 
+ [Install]
+ WantedBy=multi-user.target

diff --git a/net-dialup/freeradius/freeradius-3.0.19.ebuild b/net-dialup/freeradius/freeradius-3.0.19.ebuild
new file mode 100644
index 00000000000..ce636555ba0
--- /dev/null
+++ b/net-dialup/freeradius/freeradius-3.0.19.ebuild
@@ -0,0 +1,242 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python2_7 )
+inherit autotools pam python-single-r1 systemd
+
+MY_P="${PN}-server-${PV}"
+
+DESCRIPTION="Highly configurable free RADIUS server"
+SRC_URI="
+	ftp://ftp.freeradius.org/pub/radius/${MY_P}.tar.gz
+	ftp://ftp.freeradius.org/pub/radius/old/${MY_P}.tar.gz
+"
+HOMEPAGE="http://www.freeradius.org/"
+
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~sparc ~x86"
+LICENSE="GPL-2"
+SLOT="0"
+
+IUSE="
+	debug firebird iodbc kerberos ldap libressl memcached mysql odbc oracle pam
+	pcap postgres python readline rest samba sqlite ssl redis
+"
+RESTRICT="test firebird? ( bindist )"
+
+# NOTE: Temporary freeradius doesn't support linking with mariadb client
+#       libs also if code is compliant, will be available in the next release.
+#       (http://lists.freeradius.org/pipermail/freeradius-devel/2018-October/013228.html)a
+
+# TODO: rlm_mschap works with both samba library or without. I need to avoid
+#       linking of samba library if -samba is used.
+RDEPEND="acct-group/radius
+	acct-user/radius
+	!net-dialup/cistronradius
+	dev-lang/perl:=
+	sys-libs/gdbm:=
+	sys-libs/talloc
+	python? ( ${PYTHON_DEPS} )
+	readline? ( sys-libs/readline:0= )
+	pcap? ( net-libs/libpcap )
+	memcached? ( dev-libs/libmemcached )
+	mysql? ( dev-db/mysql-connector-c )
+	postgres? ( dev-db/postgresql:= )
+	firebird? ( dev-db/firebird )
+	pam? ( sys-libs/pam )
+	rest? ( dev-libs/json-c:= )
+	samba? ( net-fs/samba )
+	redis? ( dev-libs/hiredis:= )
+	ssl? (
+		!libressl? ( dev-libs/openssl:0=[-bindist] )
+		libressl? ( dev-libs/libressl:0= )
+	)
+	ldap? ( net-nds/openldap )
+	kerberos? ( virtual/krb5 )
+	sqlite? ( dev-db/sqlite:3 )
+	odbc? ( dev-db/unixODBC )
+	iodbc? ( dev-db/libiodbc )
+	oracle? ( dev-db/oracle-instantclient-basic )"
+DEPEND="${RDEPEND}"
+
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+
+S="${WORKDIR}/${MY_P}"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-3.0.18-libressl.patch
+	"${FILESDIR}"/${P}-systemd-service.patch
+)
+
+pkg_setup() {
+	if use python ; then
+		python-single-r1_pkg_setup
+		export PYTHONBIN="${EPYTHON}"
+	fi
+}
+
+src_prepare() {
+	# most of the configuration options do not appear as ./configure
+	# switches. Instead it identifies the directories that are available
+	# and run through them. These might check for the presence of
+	# various libraries, in which case they are not built.  To avoid
+	# automagic dependencies, we just remove all the modules that we're
+	# not interested in using.
+
+	use ssl || { rm -r src/modules/rlm_eap/types/rlm_eap_{tls,ttls,peap} || die ; }
+	use ldap || { rm -r src/modules/rlm_ldap || die ; }
+	use kerberos || { rm -r src/modules/rlm_krb5 || die ; }
+	use memcached || { rm -r src/modules/rlm_cache/drivers/rlm_cache_memcached || die ; }
+	use pam || { rm -r src/modules/rlm_pam || die ; }
+	use python || { rm -r src/modules/rlm_python || die ; }
+	use rest || { rm -r src/modules/rlm_rest || die ; }
+	use redis || { rm -r src/modules/rlm_redis{,who} || die ; }
+	# Do not install ruby rlm module, bug #483108
+	rm -r src/modules/rlm_ruby || die
+
+	# these are all things we don't have in portage/I don't want to deal
+	# with myself
+	rm -r src/modules/rlm_eap/types/rlm_eap_tnc || die # requires TNCS library
+	rm -r src/modules/rlm_eap/types/rlm_eap_ikev2 || die # requires libeap-ikev2
+	rm -r src/modules/rlm_opendirectory || die # requires some membership.h
+	rm -r src/modules/rlm_sql/drivers/rlm_sql_{db2,freetds} || die
+
+	# sql drivers that are not part of experimental are loaded from a
+	# file, so we have to remove them from the file itself when we
+	# remove them.
+	usesqldriver() {
+		local flag=$1
+		local driver=rlm_sql_${2:-${flag}}
+
+		if ! use ${flag}; then
+			rm -r src/modules/rlm_sql/drivers/${driver} || die
+			sed -i -e /${driver}/d src/modules/rlm_sql/stable || die
+		fi
+	}
+
+	sed -i \
+		-e 's:^#\tuser = :\tuser = :g' \
+		-e 's:^#\tgroup = :\tgroup = :g' \
+		-e 's:/var/run/radiusd:/run/radiusd:g' \
+		-e '/^run_dir/s:${localstatedir}::g' \
+		raddb/radiusd.conf.in || die
+
+	# verbosity
+	# build shared libraries using jlibtool --shared
+	sed -i \
+		-e '/$(LIBTOOL)/s|--quiet ||g' \
+		-e 's:--mode=\(compile\|link\):& --shared:g' \
+		Make.inc.in || die
+
+	sed -i \
+		-e 's|--silent ||g' \
+		-e 's:--mode=\(compile\|link\):& --shared:g' \
+		scripts/libtool.mk || die
+
+	# crude measure to stop jlibtool from running ranlib and ar
+	sed -i \
+		-e '/LIBRARIAN/s|".*"|"true"|g' \
+		-e '/RANLIB/s|".*"|"true"|g' \
+		scripts/jlibtool.c || die
+
+	usesqldriver mysql
+	usesqldriver postgres postgresql
+	usesqldriver firebird
+	usesqldriver iodbc
+	usesqldriver odbc unixodbc
+	usesqldriver oracle
+	usesqldriver sqlite
+
+	default
+
+	eautoreconf
+}
+
+src_configure() {
+	# do not try to enable static with static-libs; upstream is a
+	# massacre of libtool best practices so you also have to make sure
+	# to --enable-shared explicitly.
+	local myeconfargs=(
+		--enable-shared
+		--disable-static
+		--disable-ltdl-install
+		--with-system-libtool
+		--with-system-libltdl
+		--with-ascend-binary
+		--with-udpfromto
+		--with-dhcp
+		--with-iodbc-include-dir=/usr/include/iodbc
+		--with-experimental-modules
+		--with-docdir=/usr/share/doc/${PF}
+		--with-logdir=/var/log/radius
+		$(use_enable debug developer)
+		$(use_with ldap edir)
+		$(use_with ssl openssl)
+	)
+	# fix bug #77613
+	if has_version app-crypt/heimdal; then
+		myeconfargs+=( --enable-heimdal-krb5 )
+	fi
+
+	use readline || export ac_cv_lib_readline=no
+	use pcap || export ac_cv_lib_pcap_pcap_open_live=no
+
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	# verbose, do not generate certificates
+	emake \
+		Q='' ECHO=true \
+		LOCAL_CERT_PRODUCTS=''
+}
+
+src_install() {
+	dodir /etc
+	diropts -m0750 -o root -g radius
+	dodir /etc/raddb
+	diropts -m0750 -o radius -g radius
+	dodir /var/log/radius
+	keepdir /var/log/radius/radacct
+	diropts
+
+	# verbose, do not install certificates
+	# Parallel install fails (#509498)
+	emake -j1 \
+		Q='' ECHO=true \
+		LOCAL_CERT_PRODUCTS='' \
+		R="${D}" \
+		install
+
+	pamd_mimic_system radiusd auth account password session
+
+	dodoc CREDITS
+
+	rm "${ED}/usr/sbin/rc.radiusd" || die
+
+	newinitd "${FILESDIR}/radius.init-r3" radiusd
+	newconfd "${FILESDIR}/radius.conf-r4" radiusd
+
+	systemd_newtmpfilesd "${FILESDIR}"/freeradius.tmpfiles freeradius.conf
+	systemd_dounit "${S}"/debian/freeradius.service
+
+	find "${ED}" \( -name "*.a" -o -name "*.la" \) -delete || die
+}
+
+pkg_config() {
+	if use ssl; then
+		cd "${ROOT}"/etc/raddb/certs || die
+		./bootstrap || die "Error while running ./bootstrap script."
+		fowners root:radius "${ROOT}"/etc/raddb/certs
+		fowners root:radius "${ROOT}"/etc/raddb/certs/ca.pem
+		fowners root:radius "${ROOT}"/etc/raddb/certs/server.{key,crt,pem}
+	fi
+}
+
+pkg_preinst() {
+	if ! has_version ${CATEGORY}/${PN} && use ssl; then
+		elog "You have to run \`emerge --config =${CATEGORY}/${PF}\` to be able"
+		elog "to start the radiusd service."
+	fi
+}

[gentoo-commits] repo/gentoo:master commit in: net-dialup/freeradius/, net-dialup/freeradius/files/

[Matt Turner]

commit:     5921dd829647c67b900a994522325dc2e0fcb1ed
Author:     Tomáš Mózes <hydrapolic <AT> gmail <DOT> com>
AuthorDate: Thu Dec 23 12:16:17 2021 +0000
Commit:     Matt Turner <mattst88 <AT> gentoo <DOT> org>
CommitDate: Thu Dec 30 20:52:25 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5921dd82

net-dialup/freeradius: bump to 3.0.25

Closes: https://bugs.gentoo.org/719984
Closes: https://bugs.gentoo.org/721040
Closes: https://bugs.gentoo.org/784143
Closes: https://bugs.gentoo.org/816972
Closes: https://bugs.gentoo.org/818205
Closes: https://github.com/gentoo/gentoo/pull/23479
Signed-off-by: Tomáš Mózes <hydrapolic <AT> gmail.com>
Signed-off-by: Matt Turner <mattst88 <AT> gentoo.org>

 net-dialup/freeradius/Manifest                 |   1 +
 net-dialup/freeradius/files/radius.conf-r6     |  22 ++
 net-dialup/freeradius/freeradius-3.0.25.ebuild | 267 +++++++++++++++++++++++++
 3 files changed, 290 insertions(+)

diff --git a/net-dialup/freeradius/Manifest b/net-dialup/freeradius/Manifest
index b3bca2a66368..9c312f87501d 100644
--- a/net-dialup/freeradius/Manifest
+++ b/net-dialup/freeradius/Manifest
@@ -1,3 +1,4 @@
+DIST freeradius-3.0.25.tar.gz 5300245 BLAKE2B bf8908aa7bfabb9e15fa841457f176a4f2697bdec7994485516ef338908b46f2168260b7acf1a7120a687e543f0381bb787567bb4d564b9d14a3eb464a0e9ed6 SHA512 13382a53e6a1a4495c6f53e662ce21b80d73b6134a72f099f05495b64c56ae1a6c1cd1281311f1c3695d8532207fe5bd3d2026ed2c45f3cb5adb1011f1505ee7
 DIST freeradius-server-3.0.20.tar.gz 5002727 BLAKE2B f481ad22105694a4af3f0f0c1b4f6e395e8da0fe65274e32ebeed07e3c9b1869029e6ffbc655cfa41d5de2a1dcba54acee33a7a10d28bfbfce791b7ccd0fc57a SHA512 513ed0a5d9e6b9a8d89a9b02c86ff528a9ff14d928f4c1040ca44702465abd711588fe6afa35554cb2c8e8bd7f19dd5be3dbc78445c62c7b00bf5cbc4c621312
 DIST freeradius-server-3.0.21.tar.gz 5028506 BLAKE2B 3ccf9704a1f8b1ec5f6f066a475083fe7cefa793e8f53ecd287866fc505a832bf8031a4d07c2e07f79da6c6fb82e6a3435b0154d1f135167ebddfc9b8d401544 SHA512 85af1c305e99a56400b04be5c966900e7df8beb7b54626d6aa0cb300dc124817e43b424f9b27d86966bb76cca87dce741812ed8d681a568c7d7b63b3b53a9dfa
 DIST freeradius-server-3.0.22.tar.gz 5248422 BLAKE2B b48170a02a354562dc2dd27230476d2ce0823fa2f577dde3f3947ee14653d912a562eb480c2d2ed53b0ff536f63ce4482b24f2777b4a41ff2ed4aba88f4c196e SHA512 8ee05350b1a5e811a51030a3ef0c511c58275407171f0ce41775e3695f3e9a4477e2fc288541015d314be5457154201d4e95f4c45cf7f503bc8829909c2551a8

diff --git a/net-dialup/freeradius/files/radius.conf-r6 b/net-dialup/freeradius/files/radius.conf-r6
new file mode 100644
index 000000000000..50d2a1ce1f14
--- /dev/null
+++ b/net-dialup/freeradius/files/radius.conf-r6
@@ -0,0 +1,22 @@
+# Config file for /etc/init.d/radiusd
+
+# see man pages for radiusd run `radiusd -h`
+# for valid cmdline options
+#RADIUSD_OPTS=""
+
+# Change this value if you change it in /etc/raddb/radiusd.conf
+pidfile=/run/radiusd/radiusd.pid
+
+# Change these values if you change them in /etc/raddb/radiusd.conf
+RADIUSD_USER=radius
+RADIUSD_GROUP=radius
+
+RADIUSD_LOGPATH=/var/log/radius
+
+# If you set up logging to syslog in /etc/raddb/radiusd.conf, you want
+# to uncomment the following line.
+#rc_use="logger"
+
+# If you use ldap, start the ldap server prior to FreeRADIUS to avoid
+# startup crashes.
+#rc_use="ldap"

diff --git a/net-dialup/freeradius/freeradius-3.0.25.ebuild b/net-dialup/freeradius/freeradius-3.0.25.ebuild
new file mode 100644
index 000000000000..9479f1209c3d
--- /dev/null
+++ b/net-dialup/freeradius/freeradius-3.0.25.ebuild
@@ -0,0 +1,267 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{8..10} )
+inherit autotools pam python-single-r1 systemd
+
+MY_PV=$(ver_rs 1- "_")
+
+DESCRIPTION="Highly configurable free RADIUS server"
+HOMEPAGE="https://freeradius.org/"
+SRC_URI="https://github.com/FreeRADIUS/freeradius-server/archive/release_${MY_PV}.tar.gz -> ${P}.tar.gz"
+S="${WORKDIR}/freeradius-server-release_${MY_PV}"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~sparc ~x86"
+
+IUSE="
+	debug firebird iodbc kerberos ldap memcached mysql mongodb odbc oracle pam
+	pcap postgres python readline redis rest samba sqlite ssl systemd
+"
+
+RESTRICT="test firebird? ( bindist )"
+
+# NOTE: Temporary freeradius doesn't support linking with mariadb client
+#       libs also if code is compliant, will be available in the next release.
+#       (http://lists.freeradius.org/pipermail/freeradius-devel/2018-October/013228.html)a
+
+# TODO: rlm_mschap works with both samba library or without. I need to avoid
+#       linking of samba library if -samba is used.
+RDEPEND="acct-group/radius
+	acct-user/radius
+	!net-dialup/cistronradius
+	dev-lang/perl:=
+	sys-libs/gdbm:=
+	sys-libs/talloc
+	virtual/libcrypt:=
+	firebird? ( dev-db/firebird )
+	iodbc? ( dev-db/libiodbc )
+	kerberos? ( virtual/krb5 )
+	ldap? ( net-nds/openldap )
+	memcached? ( dev-libs/libmemcached )
+	mysql? ( dev-db/mysql-connector-c )
+	mongodb? ( >=dev-libs/mongo-c-driver-1.13.0-r1 )
+	odbc? ( dev-db/unixODBC )
+	oracle? ( dev-db/oracle-instantclient-basic )
+	pam? ( sys-libs/pam )
+	pcap? ( net-libs/libpcap )
+	postgres? ( dev-db/postgresql:= )
+	python? ( ${PYTHON_DEPS} )
+	readline? ( sys-libs/readline:0= )
+	redis? ( dev-libs/hiredis:= )
+	rest? ( dev-libs/json-c:= )
+	samba? ( net-fs/samba )
+	sqlite? ( dev-db/sqlite:3 )
+	ssl? (
+		dev-libs/openssl:0=[-bindist(-)]
+	)
+	systemd? ( sys-apps/systemd )"
+DEPEND="${RDEPEND}"
+
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+
+# 721040
+QA_SONAME="usr/lib.*/libfreeradius-.*.so"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-3.0.20-systemd-service.patch
+)
+
+pkg_setup() {
+	if use python ; then
+		python-single-r1_pkg_setup
+		export PYTHONBIN="${EPYTHON}"
+	fi
+}
+
+src_prepare() {
+	# most of the configuration options do not appear as ./configure
+	# switches. Instead it identifies the directories that are available
+	# and run through them. These might check for the presence of
+	# various libraries, in which case they are not built.  To avoid
+	# automagic dependencies, we just remove all the modules that we're
+	# not interested in using.
+
+	eapply_user
+	default
+
+	use ssl || { rm -r src/modules/rlm_eap/types/rlm_eap_{tls,ttls,peap} || die ; }
+	use ldap || { rm -r src/modules/rlm_ldap || die ; }
+	use kerberos || { rm -r src/modules/rlm_krb5 || die ; }
+	use memcached || { rm -r src/modules/rlm_cache/drivers/rlm_cache_memcached || die ; }
+	use pam || { rm -r src/modules/rlm_pam || die ; }
+	# Drop support of python2
+	rm -r src/modules/rlm_python || die
+	use python || { rm -r src/modules/rlm_python3 || die ; }
+	use rest || { rm -r src/modules/rlm_rest || die ; }
+	use redis || { rm -r src/modules/rlm_redis{,who} || die ; }
+	# Do not install ruby rlm module, bug #483108
+	rm -r src/modules/rlm_ruby || die
+
+	# these are all things we don't have in portage/I don't want to deal
+	# with myself
+	rm -r src/modules/rlm_eap/types/rlm_eap_tnc || die # requires TNCS library
+	rm -r src/modules/rlm_eap/types/rlm_eap_ikev2 || die # requires libeap-ikev2
+	rm -r src/modules/rlm_opendirectory || die # requires some membership.h
+	rm -r src/modules/rlm_sql/drivers/rlm_sql_{db2,freetds} || die
+
+	# sql drivers that are not part of experimental are loaded from a
+	# file, so we have to remove them from the file itself when we
+	# remove them.
+	usesqldriver() {
+		local flag=$1
+		local driver=rlm_sql_${2:-${flag}}
+
+		if ! use ${flag}; then
+			rm -r src/modules/rlm_sql/drivers/${driver} || die
+			sed -i -e /${driver}/d src/modules/rlm_sql/stable || die
+		fi
+	}
+
+	sed -i \
+		-e 's:^#\tuser = :\tuser = :g' \
+		-e 's:^#\tgroup = :\tgroup = :g' \
+		-e 's:/var/run/radiusd:/run/radiusd:g' \
+		-e '/^run_dir/s:${localstatedir}::g' \
+		raddb/radiusd.conf.in || die
+
+	# verbosity
+	# build shared libraries using jlibtool --shared
+	sed -i \
+		-e '/$(LIBTOOL)/s|--quiet ||g' \
+		-e 's:--mode=\(compile\|link\):& --shared:g' \
+		Make.inc.in || die
+
+	sed -i \
+		-e 's|--silent ||g' \
+		-e 's:--mode=\(compile\|link\):& --shared:g' \
+		scripts/libtool.mk || die
+
+	# crude measure to stop jlibtool from running ranlib and ar
+	sed -i \
+		-e '/LIBRARIAN/s|".*"|"true"|g' \
+		-e '/RANLIB/s|".*"|"true"|g' \
+		scripts/jlibtool.c || die
+
+	usesqldriver mysql
+	usesqldriver postgres postgresql
+	usesqldriver firebird
+	usesqldriver iodbc
+	usesqldriver odbc unixodbc
+	usesqldriver oracle
+	usesqldriver sqlite
+	usesqldriver mongodb mongo
+
+	eautoreconf
+}
+
+src_configure() {
+	# do not try to enable static with static-libs; upstream is a
+	# massacre of libtool best practices so you also have to make sure
+	# to --enable-shared explicitly.
+	local myeconfargs=(
+		--enable-shared
+		--disable-static
+		--disable-ltdl-install
+		--with-system-libtool
+		--with-system-libltdl
+		--with-ascend-binary
+		--with-udpfromto
+		--with-dhcp
+		--with-iodbc-include-dir=/usr/include/iodbc
+		--with-experimental-modules
+		--with-docdir=/usr/share/doc/${PF}
+		--with-logdir=/var/log/radius
+		$(use_enable debug developer)
+		$(use_with ldap edir)
+		$(use_with ssl openssl)
+		$(use_with systemd systemd)
+	)
+	# fix bug #77613
+	if has_version app-crypt/heimdal; then
+		myeconfargs+=( --enable-heimdal-krb5 )
+	fi
+
+	if use python ; then
+		myeconfargs+=(
+			--with-rlm-python3-bin=${EPYTHON}
+			--with-rlm-python3-config-bin=${EPYTHON}-config
+		)
+	fi
+
+	use readline || export ac_cv_lib_readline=no
+	use pcap || export ac_cv_lib_pcap_pcap_open_live=no
+
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	# verbose, do not generate certificates
+	emake \
+		Q='' ECHO=true \
+		LOCAL_CERT_PRODUCTS=''
+}
+
+src_install() {
+	dodir /etc
+	diropts -m0750 -o root -g radius
+	dodir /etc/raddb
+	diropts -m0750 -o radius -g radius
+	dodir /var/log/radius
+	keepdir /var/log/radius/radacct
+	diropts
+
+	# verbose, do not install certificates
+	# Parallel install fails (#509498)
+	emake -j1 \
+		Q='' ECHO=true \
+		LOCAL_CERT_PRODUCTS='' \
+		R="${D}" \
+		install
+
+	if use pam; then
+		pamd_mimic_system radiusd auth account password session
+	fi
+
+	# fix #711756
+	fowners -R radius:radius /etc/raddb
+	fowners -R radius:radius /var/log/radius
+
+	dodoc CREDITS
+
+	rm "${ED}/usr/sbin/rc.radiusd" || die
+
+	newinitd "${FILESDIR}/radius.init-r4" radiusd
+	newconfd "${FILESDIR}/radius.conf-r6" radiusd
+
+	if ! use systemd ; then
+		# If systemd builtin is not enabled we need use Type=Simple
+		# as systemd .service
+		sed -i -e 's:^Type=.*::g' \
+			-e 's:^WatchdogSec=.*::g' -e 's:^NotifyAccess=all.*::g' \
+			"${S}"/debian/freeradius.service
+	fi
+	systemd_dounit "${S}"/debian/freeradius.service
+
+	find "${ED}" \( -name "*.a" -o -name "*.la" \) -delete || die
+}
+
+pkg_config() {
+	if use ssl; then
+		cd "${ROOT}"/etc/raddb/certs || die
+		./bootstrap || die "Error while running ./bootstrap script."
+		chown root:radius "${ROOT}"/etc/raddb/certs || die
+		chown root:radius "${ROOT}"/etc/raddb/certs/ca.pem || die
+		chown root:radius "${ROOT}"/etc/raddb/certs/server.{key,crt,pem} || die
+	fi
+}
+
+pkg_preinst() {
+	if ! has_version ${CATEGORY}/${PN} && use ssl; then
+		elog "You have to run \`emerge --config =${CATEGORY}/${PF}\` to be able"
+		elog "to start the radiusd service."
+	fi
+}

[gentoo-commits] repo/gentoo:master commit in: net-dialup/freeradius/, net-dialup/freeradius/files/

[Sam James]

commit:     eca476667dca94b2cf95205d40bbe9bd37c20325
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Tue Dec 19 11:02:57 2023 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Tue Dec 19 11:03:40 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eca47666

net-dialup/freeradius: add 3.2.3

Closes: https://bugs.gentoo.org/900048
Signed-off-by: Sam James <sam <AT> gentoo.org>

 net-dialup/freeradius/Manifest                     |   1 +
 .../files/freeradius-3.2.3-configure-c99.patch     |  38 +++
 net-dialup/freeradius/freeradius-3.2.3.ebuild      | 321 +++++++++++++++++++++
 3 files changed, 360 insertions(+)

diff --git a/net-dialup/freeradius/Manifest b/net-dialup/freeradius/Manifest
index f07da4b957ac..387fe37ebb2f 100644
--- a/net-dialup/freeradius/Manifest
+++ b/net-dialup/freeradius/Manifest
@@ -1 +1,2 @@
 DIST freeradius-server-3.2.2.tar.bz2 3418998 BLAKE2B 584d1ff79cf3a75c79f5b24f9e47d7c8d8caee0d706eb47bb387300172f0699f904804d963aab8c252a21fe67f7885a47659b8cd9db5292a6d4db087d72e8e38 SHA512 91dc574560a1f75cafa8bc78c0676f0e3dae7154ecbb395e0e1f6738f78d8bcfe1bff122364452798fd0434c4056fd946799b8f29a1141398bf0542a37870689
+DIST freeradius-server-3.2.3.tar.bz2 3454869 BLAKE2B 525204331a5b123dac7457c6adb755cbe9794dbff4a536ea665fc7d1cac97553e392b7b598741c2a9dd00c81decd00608499d6f25208e389b9f213f54977de84 SHA512 06767153e262a2baa2d0cc74099bc13c23b33c2316348b5dc8ec0f5834c028571bd09b8c01726a6eabeaab8fdc3050f40bfeba2d5b1c299585d1689abad365ce

diff --git a/net-dialup/freeradius/files/freeradius-3.2.3-configure-c99.patch b/net-dialup/freeradius/files/freeradius-3.2.3-configure-c99.patch
new file mode 100644
index 000000000000..395e97d84851
--- /dev/null
+++ b/net-dialup/freeradius/files/freeradius-3.2.3-configure-c99.patch
@@ -0,0 +1,38 @@
+https://src.fedoraproject.org/rpms/freeradius/c/1793f410aa789704b5ac0be9cf7d0eaece906d1a?branch=rawhide
+https://github.com/FreeRADIUS/freeradius-server/pull/5246
+
+The backtrace_symbols function expects a pointer to an array of void *
+values, not a pointer to an array of a single element. Removing the
+address operator ensures that the right type is used.
+
+This avoids an unconditional failure of this probe with compilers that
+treat incompatible pointer types as a compilation error.
+
+Submitted upstream: <https://github.com/FreeRADIUS/freeradius-server/pull/5246>
+
+diff --git a/configure b/configure
+index ed01ee2bdd912f63..1e6d2284779cdd58 100755
+--- a/configure
++++ b/configure
+@@ -13390,7 +13390,7 @@ main (void)
+ {
+ 
+         void *sym[1];
+-        backtrace_symbols(&sym, sizeof(sym))
++        backtrace_symbols(sym, sizeof(sym))
+   ;
+   return 0;
+ }
+diff --git a/configure.ac b/configure.ac
+index 76320213b51d7bb4..6a689711d6c90483 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -2168,7 +2168,7 @@ if test "x$ac_cv_header_execinfo_h" = "xyes"; then
+         #include <execinfo.h>
+       ]], [[
+         void *sym[1];
+-        backtrace_symbols(&sym, sizeof(sym)) ]])],[
++        backtrace_symbols(sym, sizeof(sym)) ]])],[
+         AC_MSG_RESULT(yes)
+         ac_cv_lib_execinfo_backtrace_symbols="yes"
+       ],[

diff --git a/net-dialup/freeradius/freeradius-3.2.3.ebuild b/net-dialup/freeradius/freeradius-3.2.3.ebuild
new file mode 100644
index 000000000000..56fff26e7876
--- /dev/null
+++ b/net-dialup/freeradius/freeradius-3.2.3.ebuild
@@ -0,0 +1,321 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..11} )
+AUTOTOOLS_DEPEND=">=sys-devel/autoconf-2.69"
+inherit autotools pam python-single-r1 systemd
+
+MY_PN=${PN}-server
+MY_P=${MY_PN}-${PV}
+MY_PV=$(ver_rs 1- "_")
+
+DESCRIPTION="Highly configurable free RADIUS server"
+HOMEPAGE="https://freeradius.org/"
+SRC_URI="https://github.com/FreeRADIUS/freeradius-server/releases/download/release_${MY_PV}/${MY_P}.tar.bz2"
+S="${WORKDIR}"/${MY_P}
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~sparc ~x86"
+
+IUSE="
+	debug firebird iodbc kerberos ldap memcached mysql mongodb odbc oracle pam
+	postgres python readline redis samba selinux sqlite ssl systemd
+"
+
+RESTRICT="firebird? ( bindist )"
+
+# NOTE: Temporary freeradius doesn't support linking with mariadb client
+#       libs also if code is compliant, will be available in the next release.
+#       (http://lists.freeradius.org/pipermail/freeradius-devel/2018-October/013228.html)a
+
+# TODO: rlm_mschap works with both samba library or without. I need to avoid
+#       linking of samba library if -samba is used.
+
+# TODO: unconditional json-c for now as automagic dep despite efforts to stop it
+# ditto libpcap. Can restore USE=rest, USE=pcap if/when fixed.
+
+DEPEND="
+	acct-group/radius
+	acct-user/radius
+	!net-dialup/cistronradius
+	dev-libs/libltdl
+	dev-libs/libpcre
+	dev-libs/json-c:=
+	dev-lang/perl:=
+	net-libs/libpcap
+	net-misc/curl
+	sys-libs/gdbm:=
+	sys-libs/libcap
+	sys-libs/talloc
+	virtual/libcrypt:=
+	firebird? ( dev-db/firebird )
+	iodbc? ( dev-db/libiodbc )
+	kerberos? ( virtual/krb5 )
+	ldap? ( net-nds/openldap:= )
+	memcached? ( dev-libs/libmemcached )
+	mysql? ( dev-db/mysql-connector-c:= )
+	mongodb? ( >=dev-libs/mongo-c-driver-1.13.0-r1 )
+	odbc? ( dev-db/unixODBC )
+	oracle? ( dev-db/oracle-instantclient[sdk] )
+	pam? ( sys-libs/pam )
+	postgres? ( dev-db/postgresql:= )
+	python? ( ${PYTHON_DEPS} )
+	readline? ( sys-libs/readline:= )
+	redis? ( dev-libs/hiredis:= )
+	samba? ( net-fs/samba )
+	sqlite? ( dev-db/sqlite:3 )
+	ssl? ( >=dev-libs/openssl-1.0.2:=[-bindist(-)] )
+	systemd? ( sys-apps/systemd:= )
+"
+RDEPEND="
+	${DEPEND}
+	selinux? ( sec-policy/selinux-radius )
+"
+
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+
+# bug #721040
+QA_SONAME="usr/lib.*/libfreeradius-.*.so"
+
+QA_CONFIG_IMPL_DECL_SKIP=(
+	# Not available on Linux (bug #900048)
+	htonll
+	htonlll
+)
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-3.0.20-systemd-service.patch
+	"${FILESDIR}"/${PN}-3.2.3-configure-c99.patch
+)
+
+pkg_setup() {
+	if use python ; then
+		python-single-r1_pkg_setup
+		export PYTHONBIN="${EPYTHON}"
+	fi
+}
+
+src_prepare() {
+	default
+
+	# Most of the configuration options do not appear as ./configure
+	# switches. Instead it identifies the directories that are available
+	# and run through them. These might check for the presence of
+	# various libraries, in which case they are not built.  To avoid
+	# automagic dependencies, we just remove all the modules that we're
+	# not interested in using.
+	# TODO: shift more of these into configure args below as things
+	# are a bit better now.
+	use ssl || { rm -r src/modules/rlm_eap/types/rlm_eap_{tls,ttls,peap} || die ; }
+	use ldap || { rm -r src/modules/rlm_ldap || die ; }
+	use kerberos || { rm -r src/modules/rlm_krb5 || die ; }
+	use memcached || { rm -r src/modules/rlm_cache/drivers/rlm_cache_memcached || die ; }
+	use pam || { rm -r src/modules/rlm_pam || die ; }
+
+	# Drop support for python2
+	rm -r src/modules/rlm_python || die
+
+	use python || { rm -r src/modules/rlm_python3 || die ; }
+	#use rest || { rm -r src/modules/rlm_rest || die ; }
+	# Do not install ruby rlm module, bug #483108
+	rm -r src/modules/rlm_ruby || die
+
+	# These are all things we don't have in portage/I don't want to deal
+	# with myself.
+	#
+	# Requires TNCS library
+	rm -r src/modules/rlm_eap/types/rlm_eap_tnc || die
+	# Requires libeap-ikev2
+	rm -r src/modules/rlm_eap/types/rlm_eap_ikev2 || die
+	# Requires some membership.h
+	rm -r src/modules/rlm_opendirectory || die
+	# ?
+	rm -r src/modules/rlm_sql/drivers/rlm_sql_{db2,freetds} || die
+
+	# SQL drivers that are not part of experimental are loaded from a
+	# file, so we have to remove them from the file itself when we
+	# remove them.
+	usesqldriver() {
+		local flag=$1
+		local driver=rlm_sql_${2:-${flag}}
+
+		if ! use ${flag} ; then
+			rm -r src/modules/rlm_sql/drivers/${driver} || die
+			sed -i -e /${driver}/d src/modules/rlm_sql/stable || die
+		fi
+	}
+
+	sed -i \
+		-e 's:^#\tuser = :\tuser = :g' \
+		-e 's:^#\tgroup = :\tgroup = :g' \
+		-e 's:/var/run/radiusd:/run/radiusd:g' \
+		-e '/^run_dir/s:${localstatedir}::g' \
+		raddb/radiusd.conf.in || die
+
+	# - Verbosity
+	# - B uild shared libraries using jlibtool -shared
+	sed -i \
+		-e 's|--silent ||g' \
+		-e 's:--mode=\(compile\|link\):& -shared:g' \
+		scripts/libtool.mk || die
+
+	# Crude measure to stop jlibtool from running ranlib and ar
+	sed -i \
+		-e '/LIBRARIAN/s|".*"|"true"|g' \
+		-e '/RANLIB/s|".*"|"true"|g' \
+		scripts/jlibtool.c || die
+
+	usesqldriver mysql
+	usesqldriver postgres postgresql
+	usesqldriver firebird
+	usesqldriver iodbc
+	usesqldriver odbc unixodbc
+	usesqldriver oracle
+	usesqldriver sqlite
+	usesqldriver mongodb mongo
+
+	eautoreconf
+}
+
+src_configure() {
+	# Do not try to enable static with static-libs; upstream is a
+	# massacre of libtool best practices so you also have to make sure
+	# to --enable-shared explicitly.
+	local myeconfargs=(
+		# Revisit confcache when not needing to use ac_cv anymore
+		# for automagic deps.
+		#--cache-file="${S}"/config.cache
+
+		--enable-shared
+		--disable-ltdl-install
+		--disable-silent-rules
+		--with-system-libtool
+		--with-system-libltdl
+
+		--enable-strict-dependencies
+		--without-rlm_couchbase
+		--without-rlm_securid
+		--without-rlm_unbound
+		--without-rlm_idn
+		#--without-rlm_json
+		#$(use_with rest libfreeradius-json)
+
+		# Our OpenSSL should be patched. Avoid false-positive failures.
+		--disable-openssl-version-check
+		--with-ascend-binary
+		--with-udpfromto
+		--with-dhcp
+		--with-pcre
+		--with-iodbc-include-dir=/usr/include/iodbc
+		--with-experimental-modules
+		--with-docdir=/usr/share/doc/${PF}
+		--with-logdir=/var/log/radius
+
+		$(use_enable debug developer)
+		$(use_with ldap edir)
+		$(use_with redis rlm_cache_redis)
+		$(use_with redis rlm_redis)
+		$(use_with redis rlm_rediswho)
+		$(use_with ssl openssl)
+		$(use_with systemd systemd)
+	)
+
+	# bug #77613
+	if has_version app-crypt/heimdal ; then
+		myeconfargs+=( --enable-heimdal-krb5 )
+	fi
+
+	if use python ; then
+		myeconfargs+=(
+			--with-rlm-python3-bin=${EPYTHON}
+			--with-rlm-python3-config-bin=${EPYTHON}-config
+		)
+	fi
+
+	if ! use readline ; then
+		export ac_cv_lib_readline=no
+	fi
+
+	#if ! use pcap ; then
+	#	export ac_cv_lib_pcap_pcap_open_live=no
+	#	export ac_cv_header_pcap_h=no
+	#fi
+
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	# Verbose, do not generate certificates
+	emake \
+		Q='' ECHO=true \
+		LOCAL_CERT_PRODUCTS=''
+}
+
+src_install() {
+	dodir /etc
+
+	diropts -m0750 -o root -g radius
+	dodir /etc/raddb
+
+	diropts -m0750 -o radius -g radius
+	dodir /var/log/radius
+
+	keepdir /var/log/radius/radacct
+	diropts
+
+	# - Verbose, do not install certificates
+	# - Parallel install fails (bug #509498)
+	emake -j1 \
+		Q='' ECHO=true \
+		LOCAL_CERT_PRODUCTS='' \
+		R="${D}" \
+		install
+
+	if use pam ; then
+		pamd_mimic_system radiusd auth account password session
+	fi
+
+	# bug #711756
+	fowners -R radius:radius /etc/raddb
+	fowners -R radius:radius /var/log/radius
+
+	dodoc CREDITS
+
+	rm "${ED}"/usr/sbin/rc.radiusd || die
+
+	newinitd "${FILESDIR}"/radius.init-r4 radiusd
+	newconfd "${FILESDIR}"/radius.conf-r6 radiusd
+
+	if ! use systemd ; then
+		# If systemd builtin is not enabled we need use Type=Simple
+		# as systemd .service
+		sed -i -e 's:^Type=.*::g' \
+			-e 's:^WatchdogSec=.*::g' -e 's:^NotifyAccess=all.*::g' \
+			"${S}"/debian/freeradius.service
+	fi
+
+	systemd_dounit "${S}"/debian/freeradius.service
+
+	find "${ED}" \( -name "*.a" -o -name "*.la" \) -delete || die
+}
+
+pkg_config() {
+	if use ssl ; then
+		cd "${ROOT}"/etc/raddb/certs || die
+
+		./bootstrap || die "Error while running ./bootstrap script."
+		chown root:radius "${ROOT}"/etc/raddb/certs || die
+		chown root:radius "${ROOT}"/etc/raddb/certs/ca.pem || die
+		chown root:radius "${ROOT}"/etc/raddb/certs/server.{key,crt,pem} || die
+	fi
+}
+
+pkg_preinst() {
+	if ! has_version ${CATEGORY}/${PN} && use ssl ; then
+		elog "You have to run \`emerge --config =${CATEGORY}/${PF}\` to be able"
+		elog "to start the radiusd service."
+	fi
+}