2008年7月8日火曜日

FreeRadius 〜 EAP/TLS, EAP/TTLS, EAP/PEAP 〜 Linux Debian Lenny

いや、ここに張る意味あんまり無いけどチラシの裏、ちょっと jot。rules に

if dh_shlibdeps -p $$pkg -- -O 2>/dev/null | grep -q libssl; then
    echo "$$pkg links to openssl"
    exit 1
fi
ここまでやってあると、イカンことのように思えてくるけど....
diff -ubBrN freeradius-2.0.4+dfsg.orig/debian/control freeradius-2.0.4+dfsg/debian/control
--- freeradius-2.0.4+dfsg.orig/debian/control   2008-05-19 11:47:18.000000000 +0900
+++ freeradius-2.0.4+dfsg/debian/control        2008-07-08 22:13:50.000000000 +0900
@@ -1,5 +1,5 @@
 Source: freeradius
-Build-Depends: autotools-dev, debhelper (>= 6.0.7), libgdbm-dev, libiodbc2-dev, libkrb5-dev, libldap2-dev, libltdl3-dev, libmysqlclient15-dev | libmysqlclient-dev, libpam0g-dev, lib
pcap-dev, libperl-dev, libpq-dev, libsasl2-dev, libsnmp-dev, libtool, python-dev
+Build-Depends: autotools-dev, debhelper (>= 6.0.7), libgdbm-dev, libiodbc2-dev, libkrb5-dev, libldap2-dev, libltdl3-dev, libmysqlclient15-dev | libmysqlclient-dev, libpam0g-dev, lib
pcap-dev, libperl-dev, libpq-dev, libsasl2-dev, libsnmp-dev, libtool, python-dev libssl-dev
 Section: net
 Priority: optional
 Maintainer: Stephen Gran 
@@ -11,7 +11,7 @@
 Depends: lsb-base (>= 3.0-6), ${shlibs:Depends}, freeradius-common, libfreeradius2 (= ${binary:Version})
 Provides: radius-server
 Recommends: freeradius-utils
-Suggests: freeradius-ldap, freeradius-mysql, freeradius-krb5, freeradius-postgresql
+Suggests: freeradius-ldap, freeradius-mysql, freeradius-krb5, freeradius-postgresql, freeradius-tls, freeradius-peap
 Description: a high-performance and highly configurable RADIUS server
  A high-performance RADIUS server with support for...
   - many vendor-specific attributes
@@ -121,3 +121,26 @@
  This package contains the detached debugging symbols for the Debian freeradius
  packages
 
+Package: freeradius-tls
+Architecture: any
+Depends: freeradius (= ${binary:Version}), ${shlibs:Depends}
+Description: eap-tls module for FreeRADIUS server
+ Debian will not provide a binary version of the rlm_eap_tls.so library. This
+ module is required if you want to use EAP/TLS authentication, commonly used
+ for WiFi access points
+
+Package: freeradius-ttls
+Architecture: any
+Depends: freeradius (= ${binary:Version}), ${shlibs:Depends}
+Description: eap-ttls module for FreeRADIUS server
+ Debian will not provide a binary version of the rlm_eap_ttls.so library. This
+ module is required if you want to use EAP/TLS authentication, commonly used
+ for WiFi access points
+
+Package: freeradius-peap
+Architecture: any
+Depends: freeradius (= ${binary:Version}), ${shlibs:Depends}
+Description: eap-peap module for FreeRADIUS server
+ Debian will not provide a binary version of the rlm_eap_peap.so library. This
+ module is required if you want to use EAP/PEAP authentication, commonly used
+ for WiFi access points
diff -ubBrN freeradius-2.0.4+dfsg.orig/debian/freeradius-peap.install freeradius-2.0.4+dfsg/debian/freeradius-peap.install
--- freeradius-2.0.4+dfsg.orig/debian/freeradius-peap.install   1970-01-01 09:00:00.000000000 +0900
+++ freeradius-2.0.4+dfsg/debian/freeradius-peap.install        2008-07-08 22:13:50.000000000 +0900
@@ -0,0 +1 @@
+usr/lib/freeradius/rlm_eap_peap*.so
diff -ubBrN freeradius-2.0.4+dfsg.orig/debian/freeradius-peap.postinst freeradius-2.0.4+dfsg/debian/freeradius-peap.postinst
--- freeradius-2.0.4+dfsg.orig/debian/freeradius-peap.postinst  1970-01-01 09:00:00.000000000 +0900
+++ freeradius-2.0.4+dfsg/debian/freeradius-peap.postinst       2008-07-08 22:13:50.000000000 +0900
@@ -0,0 +1,21 @@
+#! /bin/sh
+
+set -e
+
+case "$1" in
+ configure)
+       if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+         invoke-rc.d freeradius restart
+       else
+         /etc/init.d/freeradius restart
+       fi
+       ;;
+ abort-upgrade)
+       ;;
+ abort-remove)
+       ;;
+ abort-deconfigure)
+       ;;
+esac
+
+#DEBHELPER#
diff -ubBrN freeradius-2.0.4+dfsg.orig/debian/freeradius-tls.install freeradius-2.0.4+dfsg/debian/freeradius-tls.install
--- freeradius-2.0.4+dfsg.orig/debian/freeradius-tls.install    1970-01-01 09:00:00.000000000 +0900
+++ freeradius-2.0.4+dfsg/debian/freeradius-tls.install 2008-07-08 22:13:50.000000000 +0900
@@ -0,0 +1 @@
+usr/lib/freeradius/rlm_eap_tls*.so
diff -ubBrN freeradius-2.0.4+dfsg.orig/debian/freeradius-tls.postinst freeradius-2.0.4+dfsg/debian/freeradius-tls.postinst
--- freeradius-2.0.4+dfsg.orig/debian/freeradius-tls.postinst   1970-01-01 09:00:00.000000000 +0900
+++ freeradius-2.0.4+dfsg/debian/freeradius-tls.postinst        2008-07-08 22:13:50.000000000 +0900
@@ -0,0 +1,21 @@
+#! /bin/sh
+
+set -e
+
+case "$1" in
+ configure)
+       if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+         invoke-rc.d freeradius restart
+       else
+         /etc/init.d/freeradius restart
+       fi
+       ;;
+ abort-upgrade)
+       ;;
+ abort-remove)
+       ;;
+ abort-deconfigure)
+       ;;
+esac
+
+#DEBHELPER#
diff -ubBrN freeradius-2.0.4+dfsg.orig/debian/freeradius-ttls.install freeradius-2.0.4+dfsg/debian/freeradius-ttls.install
--- freeradius-2.0.4+dfsg.orig/debian/freeradius-ttls.install   1970-01-01 09:00:00.000000000 +0900
+++ freeradius-2.0.4+dfsg/debian/freeradius-ttls.install        2008-07-08 22:13:50.000000000 +0900
@@ -0,0 +1 @@
+usr/lib/freeradius/rlm_eap_ttls*.so
diff -ubBrN freeradius-2.0.4+dfsg.orig/debian/freeradius-ttls.postinst freeradius-2.0.4+dfsg/debian/freeradius-ttls.postinst
--- freeradius-2.0.4+dfsg.orig/debian/freeradius-ttls.postinst  1970-01-01 09:00:00.000000000 +0900
+++ freeradius-2.0.4+dfsg/debian/freeradius-ttls.postinst       2008-07-08 22:13:50.000000000 +0900
@@ -0,0 +1,21 @@
+#! /bin/sh
+
+set -e
+
+case "$1" in
+ configure)
+       if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+         invoke-rc.d freeradius restart
+       else
+         /etc/init.d/freeradius restart
+       fi
+       ;;
+ abort-upgrade)
+       ;;
+ abort-remove)
+       ;;
+ abort-deconfigure)
+       ;;
+esac
+
+#DEBHELPER#
diff -ubBrN freeradius-2.0.4+dfsg.orig/debian/rules freeradius-2.0.4+dfsg/debian/rules
--- freeradius-2.0.4+dfsg.orig/debian/rules     2008-05-19 11:47:18.000000000 +0900
+++ freeradius-2.0.4+dfsg/debian/rules  2008-07-08 22:13:50.000000000 +0900
@@ -26,7 +26,7 @@
 pkgdocdir       = /usr/share/doc/$(package)
 raddbdir        = /etc/$(package)
 
-modulelist=krb5 ldap sql_mysql sql_iodbc sql_postgresql
+modulelist=krb5 ldap sql_mysql sql_iodbc sql_postgresql eap_peap eap_tls eap_ttls
 pkgs=$(shell dh_listpackages)
 
 # This has to be exported to make some magic below work.
@@ -80,14 +80,10 @@
                --with-large-files --with-udpfromto --with-edir \
                --enable-developer \
                --config-cache \
-               --without-rlm_eap_tls \
-               --without-rlm_eap_ttls \
-               --without-rlm_eap_peap \
                --without-rlm_eap_tnc \
                --without-rlm_otp \
                --with-rlm_sql_postgresql_lib_dir=`pg_config --libdir` \
                --with-rlm_sql_postgresql_include_dir=`pg_config --includedir` \
-               --without-openssl \
                --without-rlm_eap_ikev2 \
                --without-rlm_sql_oracle \
                --without-rlm_sql_unixodbc \
@@ -164,6 +160,7 @@
 
        for mod in ${modulelist}; do \
          pkg=$${mod##sql_} ; \
+         pkg=$${mod##eap_} ; \
          dh_install --sourcedir=$(freeradius_dir) -p freeradius-$$pkg ; \
          rm -f $(freeradius_dir)/usr/lib/freeradius/rlm_$$mod*.so ; \
        done
@@ -174,12 +171,6 @@
        dh_strip -a --dbg-package=freeradius-dbg
 
        dh_makeshlibs -a -n
-       for pkg in ${pkgs} ; do \
-         if dh_shlibdeps -p $$pkg -- -O 2>/dev/null | grep -q libssl; then \
-           echo "$$pkg links to openssl" ;\
-           exit 1 ;\
-         fi ;\
-       done
        dh_shlibdeps
 
 binary-common:
apt-get source freeradius して上記パッチあてて fakeroot debian/rules binary すると、上位のディレクトリに freeradius-peap freeradius-tls freeradius-ttls というパッケージが出来上がると思います。
投稿者 時刻:
ラベル:

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)