From 6d77616b723a6be41be5b4e1c71f08dfb3a08486 Mon Sep 17 00:00:00 2001 From: Alexander Wilke Date: Wed, 20 Jun 2012 10:45:22 +0300 Subject: freeradius2: additionald downloaded files temp disabled to check if we need them with the ne built packages --- config/freeradius2/freeradius.inc | 2 ++ 1 file changed, 2 insertions(+) (limited to 'config') diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc index 66921959..b2901e56 100644 --- a/config/freeradius2/freeradius.inc +++ b/config/freeradius2/freeradius.inc @@ -82,6 +82,7 @@ function freeradius_install_command() { if (file_exists(RADDB . "/sites-enabled/control-socket")) { unlink(RADDB . "/sites-enabled/control-socket"); } if (file_exists(RADDB . "/sites-enabled/inner-tunnel")) { unlink(RADDB . "/sites-enabled/inner-tunnel"); } +/* freeradius2: additionald downloaded files temp disabled to check if we need them with the ne built packages // We need some additional files in /usr/local/lib for the LDAP module. We fetch these files dependent on the architecture. if (!file_exists("/usr/local/lib/libasn1.so.10") || !file_exists("/usr/local/lib/libgssapi.so.10") || !file_exists("/usr/local/lib/libheimntlm.so.10") || !file_exists("/usr/local/lib/libhx509.so.10") || !file_exists("/usr/local/lib/ldd/libkrb5.so.10") || !file_exists("/usr/local/lib/libroken.so.10")) { // For i386 systems @@ -115,6 +116,7 @@ function freeradius_install_command() { exec("chmod 0755 /usr/local/lib/libroken.so.10"); } } +*/ // We run this here just to suppress some warnings on syslog if file doesn't exist freeradius_authorizedmacs_resync(); -- cgit v1.2.3 From 7da9181f63d43d6aa96a8a5741bc04d1dc5e1983 Mon Sep 17 00:00:00 2001 From: phildd Date: Wed, 20 Jun 2012 21:42:34 +0545 Subject: Add SQUID_CONFFILE constant and use it to add "-f" command parameter to each squid start/stop/reconfigure. This makes squid look at the conf file that is made by the GUI. The actual conf file location has not been changed yet. That can be done next, but for now I have minimised risk by keeping in the current place and just referencing it there correctly. Also removed the "-D" parameter from the squid start command in 1 place - "-D' is obsolete in squid 3.1. --- config/squid-reverse/squid.inc | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) (limited to 'config') diff --git a/config/squid-reverse/squid.inc b/config/squid-reverse/squid.inc index 47dd7124..e7dffcdb 100644 --- a/config/squid-reverse/squid.inc +++ b/config/squid-reverse/squid.inc @@ -41,6 +41,7 @@ if(!function_exists("filter_configure")) require_once("filter.inc"); define('SQUID_CONFBASE', '/usr/local/etc/squid'); +define('SQUID_CONFFILE', SQUID_CONFBASE . '/squid.conf'); define('SQUID_BASE', '/var/squid/'); define('SQUID_ACLDIR', '/var/squid/acl'); define('SQUID_PASSWD', '/var/etc/squid.passwd'); @@ -102,12 +103,12 @@ function squid_dash_z() { if(!is_dir($cachedir.'/00/')) { log_error("Creating squid cache subdirs in $cachedir"); - mwexec("/usr/local/sbin/squid -k shutdown"); + mwexec("/usr/local/sbin/squid -k shutdown -f " . SQUID_CONFFILE); sleep(5); - mwexec("/usr/local/sbin/squid -k kill"); + mwexec("/usr/local/sbin/squid -k kill -f " . SQUID_CONFFILE); // Double check permissions here, should be safe to recurse cache dir if it's small here. mwexec("/usr/sbin/chown -R proxy:proxy $cachedir"); - mwexec("/usr/local/sbin/squid -z"); + mwexec("/usr/local/sbin/squid -z -f " . SQUID_CONFFILE); } if(file_exists("/var/squid/cache/swap.state")) { @@ -291,11 +292,11 @@ function squid_install_command() { if (!is_service_running('squid')) { update_status("Starting... One moment please..."); log_error("Starting Squid"); - mwexec_bg("/usr/local/sbin/squid -D"); + mwexec_bg("/usr/local/sbin/squid -f " . SQUID_CONFFILE); } else { update_status("Reloading Squid for configuration sync... One moment please..."); log_error("Reloading Squid for configuration sync"); - mwexec("/usr/local/sbin/squid -k reconfigure"); + mwexec("/usr/local/sbin/squid -k reconfigure -f " . SQUID_CONFFILE); } /* restart proxy alarm scripts */ @@ -682,7 +683,7 @@ function squid_install_cron($should_install) { $cron_item['month'] = "*"; $cron_item['wday'] = "*"; $cron_item['who'] = "root"; - $cron_item['command'] = "/bin/rm {$cachedir}/swap.state; /usr/local/sbin/squid -k rotate"; + $cron_item['command'] = "/bin/rm {$cachedir}/swap.state; /usr/local/sbin/squid -k rotate -f " . SQUID_CONFFILE; $config['cron']['item'][] = $cron_item; $need_write = true; } @@ -1389,12 +1390,12 @@ function squid_resync() { if (!is_service_running('squid')) { log_error("Starting Squid"); - mwexec("/usr/local/sbin/squid"); + mwexec("/usr/local/sbin/squid -f " . SQUID_CONFFILE); } else { if (!isset($boot_process)){ log_error("Reloading Squid for configuration sync"); - mwexec("/usr/local/sbin/squid -k reconfigure"); + mwexec("/usr/local/sbin/squid -k reconfigure -f " . SQUID_CONFFILE); } } @@ -1706,16 +1707,19 @@ function squid_generate_rules($type) { } function squid_write_rcfile() { + /* Declare a variable for the SQUID_CONFFILE constant. */ + /* Then the variable can be referenced easily in the Heredoc text that generates the rc file. */ + $squid_conffile_var = SQUID_CONFFILE; $rc = array(); $rc['file'] = 'squid.sh'; $rc['start'] = <</dev/null @@ -1724,9 +1728,9 @@ killall pinger 2>/dev/null EOD; $rc['restart'] = << +?> \ No newline at end of file -- cgit v1.2.3 From 70b6007a67c57a35ddc37177ba17007e14a8dd6a Mon Sep 17 00:00:00 2001 From: Alexander Wilke Date: Wed, 20 Jun 2012 22:09:24 +0300 Subject: freeradius2: basics ready for 2.1 This is probably not the correct way for a package to run on pfsense 2.1 but at first it is working. Probably some other fixes needed but it should be ok first to check if all the dependencies are there (MySQL, PostgreSQL, LDAP). Any help on this package and fixes are really appreciated! --- config/freeradius2/freeradius.inc | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) (limited to 'config') diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc index b2901e56..37e57aa8 100644 --- a/config/freeradius2/freeradius.inc +++ b/config/freeradius2/freeradius.inc @@ -45,7 +45,24 @@ require_once("globals.inc"); require_once("filter.inc"); require_once("services.inc"); -define('RADDB', '/usr/local/etc/raddb'); +// Check to find out on which system the package is running +if (exec("uname -r | cut -c 1-3") == '8.3') { + if (exec("uname -m") == "i386") { + define('RADDB', '/usr/pbi/freeradius-i386/etc/raddb'); + define('USRLOCAL', '/usr/pbi/freeradius-i386'); + } + else { + define('RADDB', '/usr/pbi/freeradius-amd64/etc/raddb'); + define('USRLOCAL', '/usr/pbi/freeradius-amd64'); + } +} +else { + define('RADDB', '/usr/local/etc/raddb'); +} +// End of system check + + +// define('RADDB', '/usr/local/etc/raddb'); function freeradius_deinstall_command() { exec("cd /var/db/pkg && pkg_delete `ls | grep freeradius`"); @@ -64,7 +81,7 @@ function freeradius_install_command() { exec("mkdir " . RADDB . "/scripts"); if (!file_exists("/var/log/radutmp")) { exec("touch /var/log/radutmp"); } if (!file_exists("/var/log/radwtmp")) { exec("touch /var/log/radwtmp"); } - exec("chown -R root:wheel " . RADDB . " && chown -R root:wheel /usr/local/lib/freeradius-2.1.12 && chown -R root:wheel /var/log/radacct"); + exec("chown -R root:wheel " . RADDB . " && chown -R root:wheel " . USRLOCAL . "/lib/freeradius-2.1.12 && chown -R root:wheel /var/log/radacct"); // creating a backup file of the original policy.conf no matter if user checked this or not if (!file_exists(RADDB . "/policy.conf.backup")) { @@ -141,8 +158,8 @@ function freeradius_install_command() { $rcfile = array(); $rcfile['file'] = 'radiusd.sh'; - $rcfile['start'] = '/usr/local/etc/rc.d/radiusd onestart'; - $rcfile['stop'] = '/usr/local/etc/rc.d/radiusd onestop'; + $rcfile['start'] = USRLOCAL . '/etc/rc.d/radiusd onestart'; + $rcfile['stop'] = USRLOCAL . '/etc/rc.d/radiusd onestop'; write_rcfile($rcfile); conf_mount_ro(); start_service("radiusd"); @@ -220,7 +237,7 @@ function freeradius_settings_resync() { $conf .= << Date: Wed, 20 Jun 2012 22:09:58 +0300 Subject: Update master --- config/freeradius2/freeradius_view_config.php | 40 +++++++++++++++++++-------- 1 file changed, 28 insertions(+), 12 deletions(-) (limited to 'config') diff --git a/config/freeradius2/freeradius_view_config.php b/config/freeradius2/freeradius_view_config.php index 6bda5f3e..ee7ca4c1 100644 --- a/config/freeradius2/freeradius_view_config.php +++ b/config/freeradius2/freeradius_view_config.php @@ -31,19 +31,35 @@ */ require("guiconfig.inc"); + +// Check to find out on which system the package is running +if (exec("uname -r | cut -c 1-3") == '8.3') { + if (exec("uname -m") == "i386") { + define('RADDB', '/usr/pbi/freeradius-i386/etc/raddb'); + } + else { + define('RADDB', '/usr/pbi/freeradius-amd64/etc/raddb'); + } +} +else { + define('RADDB', '/usr/local/etc/raddb'); +} +// End of system check + + function get_file($file){ - $files['radiusd']="/usr/local/etc/raddb/radiusd.conf"; - $files['eap']="/usr/local/etc/raddb/eap.conf"; - $files['sql']="/usr/local/etc/raddb/sql.conf"; - $files['clients']="/usr/local/etc/raddb/clients.conf"; - $files['users']="/usr/local/etc/raddb/users"; - $files['macs']="/usr/local/etc/raddb/authorized_macs"; - $files['virtual-server-default']="/usr/local/etc/raddb/sites-enabled/default"; - $files['ca']="/usr/local/etc/raddb/certs/ca.cnf"; - $files['server']="/usr/local/etc/raddb/certs/server.cnf"; - $files['client']="/usr/local/etc/raddb/certs/client.cnf"; - $files['index']="/usr/local/etc/raddb/certs/index.txt"; - $files['ldap']="/usr/local/etc/raddb/modules/ldap"; + $files['radiusd']=RADDB . "/radiusd.conf"; + $files['eap']=RADDB . "/eap.conf"; + $files['sql']=RADDB . "/sql.conf"; + $files['clients']=RADDB . "/clients.conf"; + $files['users']=RADDB . "/users"; + $files['macs']=RADDB . "/authorized_macs"; + $files['virtual-server-default']=RADDB . "/sites-enabled/default"; + $files['ca']=RADDB . "/certs/ca.cnf"; + $files['server']=RADDB . "/certs/server.cnf"; + $files['client']=RADDB . "/certs/client.cnf"; + $files['index']=RADDB . "/certs/index.txt"; + $files['ldap']=RADDB . "/modules/ldap"; if ($files[$file]!="" && file_exists($files[$file])){ -- cgit v1.2.3 From 50c3740529e861e3c8e4e3a6e08321aaf5687ca2 Mon Sep 17 00:00:00 2001 From: jim-p Date: Wed, 20 Jun 2012 15:49:43 -0400 Subject: Remove some really unnecessary manual downloading of libraries/packages during install of these. --- config/freeradius2/freeradius.inc | 35 ----------------------------------- config/haproxy/haproxy.inc | 11 ----------- 2 files changed, 46 deletions(-) (limited to 'config') diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc index 37e57aa8..ffd3dde1 100644 --- a/config/freeradius2/freeradius.inc +++ b/config/freeradius2/freeradius.inc @@ -99,41 +99,6 @@ function freeradius_install_command() { if (file_exists(RADDB . "/sites-enabled/control-socket")) { unlink(RADDB . "/sites-enabled/control-socket"); } if (file_exists(RADDB . "/sites-enabled/inner-tunnel")) { unlink(RADDB . "/sites-enabled/inner-tunnel"); } -/* freeradius2: additionald downloaded files temp disabled to check if we need them with the ne built packages - // We need some additional files in /usr/local/lib for the LDAP module. We fetch these files dependent on the architecture. - if (!file_exists("/usr/local/lib/libasn1.so.10") || !file_exists("/usr/local/lib/libgssapi.so.10") || !file_exists("/usr/local/lib/libheimntlm.so.10") || !file_exists("/usr/local/lib/libhx509.so.10") || !file_exists("/usr/local/lib/ldd/libkrb5.so.10") || !file_exists("/usr/local/lib/libroken.so.10")) { - // For i386 systems - if (exec("uname -m") == "i386") { - exec("cd /usr/local/lib/ && fetch http://e-sac.siteseguro.ws/pfsense/8/All/ldd/libasn1.so.10"); - exec("cd /usr/local/lib/ && fetch http://e-sac.siteseguro.ws/pfsense/8/All/ldd/libgssapi.so.10"); - exec("cd /usr/local/lib/ && fetch http://e-sac.siteseguro.ws/pfsense/8/All/ldd/libheimntlm.so.10"); - exec("cd /usr/local/lib/ && fetch http://e-sac.siteseguro.ws/pfsense/8/All/ldd/libhx509.so.10"); - exec("cd /usr/local/lib/ && fetch http://e-sac.siteseguro.ws/pfsense/8/All/ldd/libkrb5.so.10"); - exec("cd /usr/local/lib/ && fetch http://e-sac.siteseguro.ws/pfsense/8/All/ldd/libroken.so.10"); - exec("chmod 0755 /usr/local/lib/libasn1.so.10"); - exec("chmod 0755 /usr/local/lib/libgssapi.so.10"); - exec("chmod 0755 /usr/local/lib/libheimntlm.so.10"); - exec("chmod 0755 /usr/local/lib/libhx509.so.10"); - exec("chmod 0755 /usr/local/lib/ldd/libkrb5.so.10"); - exec("chmod 0755 /usr/local/lib/libroken.so.10"); - } - // For amd64 systems - else { - exec("cd /usr/local/lib/ && fetch http://e-sac.siteseguro.ws/pfsense/8/amd64/All/ldd/libasn1.so.10"); - exec("cd /usr/local/lib/ && fetch http://e-sac.siteseguro.ws/pfsense/8/amd64/All/ldd/libgssapi.so.10"); - exec("cd /usr/local/lib/ && fetch http://e-sac.siteseguro.ws/pfsense/8/amd64/All/ldd/libheimntlm.so.10"); - exec("cd /usr/local/lib/ && fetch http://e-sac.siteseguro.ws/pfsense/8/amd64/All/ldd/libhx509.so.10"); - exec("cd /usr/local/lib/ && fetch http://e-sac.siteseguro.ws/pfsense/8/amd64/All/ldd/libkrb5.so.10"); - exec("cd /usr/local/lib/ && fetch http://e-sac.siteseguro.ws/pfsense/8/amd64/All/ldd/libroken.so.10"); - exec("chmod 0755 /usr/local/lib/libasn1.so.10"); - exec("chmod 0755 /usr/local/lib/libgssapi.so.10"); - exec("chmod 0755 /usr/local/lib/libheimntlm.so.10"); - exec("chmod 0755 /usr/local/lib/libhx509.so.10"); - exec("chmod 0755 /usr/local/lib/ldd/libkrb5.so.10"); - exec("chmod 0755 /usr/local/lib/libroken.so.10"); - } - } -*/ // We run this here just to suppress some warnings on syslog if file doesn't exist freeradius_authorizedmacs_resync(); diff --git a/config/haproxy/haproxy.inc b/config/haproxy/haproxy.inc index 4ed5f393..1e29f358 100644 --- a/config/haproxy/haproxy.inc +++ b/config/haproxy/haproxy.inc @@ -156,17 +156,6 @@ EOD; fclose($fd); exec("/etc/rc.d/devd restart"); - /* Workaround for the old package deleting the binary on unload instead of the package */ - if (!file_exists("/usr/local/sbin/haproxy")) { - if (substr(trim(`uname -r`), 0, 1) == "8") { - exec("cd /var/db/pkg && pkg_delete `ls | grep haproxy`"); - if (trim(`uname -m`) == 'i386') - exec("pkg_add -r http://e-sac.siteseguro.ws/pfsense/8/All/haproxy-1.4.18.tbz"); - else - exec("pkg_add -r http://e-sac.siteseguro.ws/pfsense/8/amd64/All/haproxy-1.4.18.tbz"); - } - } - /* Do XML upgrade from haproxy 0.31 to haproxy-dev */ if (is_array($config['installedpackages']['haproxy']['ha_servers'])) { /* We have an old config */ -- cgit v1.2.3 From 44c0fce59d9664f7ee897c48549ef83fa2990e11 Mon Sep 17 00:00:00 2001 From: jim-p Date: Wed, 20 Jun 2012 16:39:58 -0400 Subject: Don't install binaries manually for avahi, try to rely on the package version --- config/avahi/avahi.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'config') diff --git a/config/avahi/avahi.inc b/config/avahi/avahi.inc index 217d2aa1..0a8f573e 100644 --- a/config/avahi/avahi.inc +++ b/config/avahi/avahi.inc @@ -42,7 +42,7 @@ function avahi_install() { conf_mount_rw(); if (php_uname("m") == "i386") - $archive = (substr(trim(file_get_contents("/etc/version")),0,1) == "2") ? "avahi8.tar.gz" : "avahi.tar.gz"; + $archive = (substr(trim(file_get_contents("/etc/version")),0,1) == "2") ? "" : "avahi.tar.gz"; // Extract out libraries and avahi-daemon if(!empty($archive) && file_exists("/root/{$archive}")) { -- cgit v1.2.3 From ffa9704efa6dd5141b651b760942d4e4d890b85c Mon Sep 17 00:00:00 2001 From: Alexander Wilke Date: Thu, 21 Jun 2012 11:38:27 +0300 Subject: freeradius2: added missing constant --- config/freeradius2/freeradius.inc | 1 + 1 file changed, 1 insertion(+) (limited to 'config') diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc index ffd3dde1..d2f42dfd 100644 --- a/config/freeradius2/freeradius.inc +++ b/config/freeradius2/freeradius.inc @@ -58,6 +58,7 @@ if (exec("uname -r | cut -c 1-3") == '8.3') { } else { define('RADDB', '/usr/local/etc/raddb'); + define('USRLOCAL', '/usr/local'); } // End of system check -- cgit v1.2.3