From c868bc5be8c9f7cc8b7ca91bbd36990a931d9875 Mon Sep 17 00:00:00 2001
From: Fernando Lemos <fernandotcl@pfsense.org>
Date: Fri, 2 Jun 2006 13:41:17 +0000
Subject: A working version of the FreeRADIUS package (this one writes the
 configuration to the right files ;)).

---
 packages/freeradius.inc         | 438 ++++++++++++++++++++++++++++++++++++++++
 packages/freeradius.xml         | 105 ++++------
 packages/freeradiusclients.xml  |  48 ++---
 packages/freeradiussettings.xml |  46 ++---
 4 files changed, 503 insertions(+), 134 deletions(-)
 create mode 100644 packages/freeradius.inc

(limited to 'packages')

diff --git a/packages/freeradius.inc b/packages/freeradius.inc
new file mode 100644
index 00000000..cdc7a422
--- /dev/null
+++ b/packages/freeradius.inc
@@ -0,0 +1,438 @@
+<?php
+require_once('config.inc');
+require_once('service-utils.inc');
+
+define('RADDB', '/usr/local/etc/raddb');
+
+function freeradius_install_command() {
+	global $config;
+
+	$handle = opendir(RADDB);
+	while (false != ($file = readdir($handle))) {
+		if (false != ($pos = strpos($file, '.sample'))) {
+			$newfile = substr($file, 0, $pos);
+			if (copy(RADDB . "/$file", RADDB . "/$newfile"))
+				unlink(RADDB . "/$file");
+		}
+	}
+	closedir($handle);
+
+	freeradius_settings_resync();
+
+	$rcfile = array();
+	$rcfile['file'] = 'radiusd.sh';
+	$rcfile['start'] = 'radiusd -s &';
+	$rcfile['stop'] = 'killall radiusd';
+	write_rcfile($rcfile);
+	start_service("freeradius");
+}
+
+function freeradius_settings_resync() {
+	global $config;
+
+	$settings = $config['installedpackages']['freeradiussettings']['config'][0];
+
+	$iface = ($settings['interface'] ? $settings['interface'] : 'LAN');
+	$iface = convert_friendly_interface_to_real_interface_name($iface);
+	$iface_ip = find_interface_ip($iface);
+	$port = ($settings['port'] != '' ? $settings['port'] : 0);
+
+	// FreeRADIUS's configuration is huge
+	// This is the standard default config file, trimmed down a bit. Somebody might want to implement more options. It should be as simple as editing this, then also providing the settings in each file that was included here (or maybe just put the config inlined here).
+	$conf = <<<EOD
+prefix = /usr/local
+exec_prefix = \${prefix}
+sysconfdir = \${prefix}/etc
+localstatedir = /var
+sbindir = \${exec_prefix}/sbin
+logdir = /var/log
+raddbdir = \${sysconfdir}/raddb
+radacctdir = \${logdir}/radacct
+confdir = \${raddbdir}
+run_dir = \${localstatedir}/run/radiusd
+log_file = \${logdir}/radius.log
+libdir = \${exec_prefix}/lib
+pidfile = \${run_dir}/radiusd.pid
+#user = nobody
+#group = nobody
+max_request_time = 30
+delete_blocked_requests = no
+cleanup_delay = 5
+max_requests = 1024
+bind_address = $iface_ip
+port = $port
+hostname_lookups = no
+allow_core_dumps = no
+regular_expressions	= yes
+extended_expressions	= yes
+log_stripped_names = no
+log_auth = no
+log_auth_badpass = no
+log_auth_goodpass = no
+usercollide = no
+lower_user = no
+lower_pass = no
+nospace_user = no
+nospace_pass = no
+checkrad = \${sbindir}/checkrad
+ 
+security {
+	max_attributes = 200
+	reject_delay = 1
+	status_server = no
+}
+ 
+proxy_requests = yes
+\$INCLUDE  \${confdir}/proxy.conf
+ 
+\$INCLUDE  \${confdir}/clients.conf
+ 
+snmp = no
+\$INCLUDE  \${confdir}/snmp.conf
+ 
+thread pool {
+	start_servers = 5
+	max_servers = 32
+	min_spare_servers = 3
+	max_spare_servers = 10
+	max_requests_per_server = 0
+}
+ 
+modules {
+	pap {
+		encryption_scheme = crypt
+	}
+ 
+	chap {
+		authtype = CHAP
+	}
+ 
+	pam {
+		pam_auth = radiusd
+	}
+ 
+	unix {
+		cache = no
+		cache_reload = 600
+		radwtmp = \${logdir}/radwtmp
+	}
+ 
+	\$INCLUDE \${confdir}/eap.conf
+ 
+	mschap {
+		authtype = MS-CHAP
+		#use_mppe = no
+		#require_encryption = yes
+		#require_strong = yes
+		#with_ntdomain_hack = no
+		#ntlm_auth = "/path/to/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
+	}
+ 
+	ldap {
+		server = "ldap.your.domain"
+		basedn = "o=My Org,c=UA"
+		filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
+		#base_filter = "(objectclass=radiusprofile)"
+		start_tls = no
+		#tls_cacertfile = /path/to/cacert.pem
+		#tls_cacertdir = /path/to/ca/dir/
+		#tls_certfile = /path/to/radius.crt
+		#tls_keyfile = /path/to/radius.key
+		#tls_randfile = /path/to/rnd
+		#tls_require_cert = "demand"
+		access_attr = "dialupAccess"
+		dictionary_mapping = \${raddbdir}/ldap.attrmap
+		ldap_connections_number = 5
+		#groupname_attribute = cn
+		#groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"
+		#groupmembership_attribute = radiusGroupName
+		timeout = 4
+		timelimit = 3
+		net_timeout = 1
+		#compare_check_items = yes
+		#do_xlat = yes
+		#access_attr_used_for_allow = yes
+	}
+ 
+	realm IPASS {
+		format = prefix
+		delimiter = "/"
+		ignore_default = no
+		ignore_null = no
+	}
+ 
+	realm suffix {
+		format = suffix
+		delimiter = "@"
+		ignore_default = no
+		ignore_null = no
+	}
+ 
+	realm realmpercent {
+		format = suffix
+		delimiter = "%"
+		ignore_default = no
+		ignore_null = no
+	}
+ 
+	realm ntdomain {
+		format = prefix
+		delimiter = "\\"
+		ignore_default = no
+		ignore_null = no
+	}
+ 
+	checkval {
+		item-name = Calling-Station-Id
+		check-name = Calling-Station-Id
+		data-type = string
+		#notfound-reject = no
+	}
+ 
+	preprocess {
+		huntgroups = \${confdir}/huntgroups
+		hints = \${confdir}/hints
+		with_ascend_hack = no
+		ascend_channels_per_line = 23
+		with_ntdomain_hack = no
+		with_specialix_jetstream_hack = no
+		with_cisco_vsa_hack = no
+	}
+ 
+	files {
+		usersfile = \${confdir}/users
+		acctusersfile = \${confdir}/acct_users
+		preproxy_usersfile = \${confdir}/preproxy_users
+		compat = no
+	}
+ 
+	detail {
+		detailfile = \${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
+		detailperm = 0600
+	}
+ 
+	acct_unique {
+		key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
+	}
+ 
+	\$INCLUDE  \${confdir}/sql.conf
+ 
+	radutmp {
+		filename = \${logdir}/radutmp
+		username = %{User-Name}
+		case_sensitive = yes
+		check_with_nas = yes
+		perm = 0600
+		callerid = "yes"
+	}
+ 
+	radutmp sradutmp {
+		filename = \${logdir}/sradutmp
+		perm = 0644
+		callerid = "no"
+	}
+ 
+	attr_filter {
+		attrsfile = \${confdir}/attrs
+	}
+ 
+	counter daily {
+		filename = \${raddbdir}/db.daily
+		key = User-Name
+		count-attribute = Acct-Session-Time
+		reset = daily
+		counter-name = Daily-Session-Time
+		check-name = Max-Daily-Session
+		allowed-servicetype = Framed-User
+		cache-size = 5000
+	}
+ 
+	always fail {
+		rcode = fail
+	}
+	always reject {
+		rcode = reject
+	}
+	always ok {
+		rcode = ok
+		simulcount = 0
+		mpp = no
+	}
+ 
+	expr {
+	}
+ 
+	digest {
+	}
+ 
+	exec {
+		wait = yes
+		input_pairs = request
+	}
+ 
+	exec echo {
+		wait = yes
+		program = "/bin/echo %{User-Name}"
+		input_pairs = request
+		output_pairs = reply
+		#packet_type = Access-Accept
+	}
+ 
+	ippool main_pool {
+		range-start = 192.168.1.1
+		range-stop = 192.168.3.254
+		netmask = 255.255.255.0
+		cache-size = 800
+		session-db = \${raddbdir}/db.ippool
+		ip-index = \${raddbdir}/db.ipindex
+		override = no
+		maximum-timeout = 0
+	}
+}
+ 
+instantiate {
+	exec
+	expr
+	#daily
+}
+ 
+authorize {
+	preprocess
+	#auth_log
+	#attr_filter
+	chap
+	mschap
+	#digest
+	#IPASS
+	suffix
+	#ntdomain
+	eap
+	files
+	#sql
+	#etc_smbpasswd
+	#ldap
+	#daily
+	#checkval
+}
+ 
+authenticate {
+	Auth-Type PAP {
+		pap
+	}
+	Auth-Type CHAP {
+		chap
+	}
+	Auth-Type MS-CHAP {
+		mschap
+	}
+	#digest
+	#pam
+	unix
+	#Auth-Type LDAP {
+	#	ldap
+	#}
+	eap
+}
+ 
+preacct {
+	preprocess
+	acct_unique
+	#IPASS
+	suffix
+	#ntdomain
+	files
+}
+ 
+accounting {
+	detail
+	#daily
+	unix
+	radutmp
+	#sradutmp
+	#main_pool
+	#sql
+	#pgsql-voip
+}
+ 
+session {
+	radutmp
+	#sql
+}
+ 
+post-auth {
+	#main_pool
+	#reply_log
+	#sql
+	#ldap
+	#Post-Auth-Type REJECT {
+	#	insert-module-name-here
+	#}
+}
+ 
+pre-proxy {
+	#attr_rewrite
+	#files
+	#pre_proxy_log
+}
+ 
+post-proxy {
+	#post_proxy_log
+	#attr_rewrite
+	#attr_filter
+	eap
+}
+
+EOD;
+	file_put_contents(RADDB . '/radiusd.conf', $conf);
+	restart_service("freeradius");
+}
+
+function freeradius_users_resync() {
+	global $config;
+
+	$conf = '';
+	$users = $config['installedpackages']['freeradius']['config'];
+	if (is_array($users)) {
+		foreach ($users as $user)
+			$conf .= "{$user['username']}\tUser-Password == \"{$user['password']}\"\n";
+	}
+	$filename = RADDB . '/users';
+	file_put_contents($filename, $conf);
+	chmod($filename, 0600);
+
+	restart_service('freeradius');
+}
+
+function freeradius_clients_resync() {
+	global $config;
+
+	$conf = '';
+	$clients = $config['installedpackages']['freeradiusclients']['config'];
+	if (is_array($clients) && !empty($clients)) {
+		foreach ($clients as $item) {
+			$client = $item['client'];
+			$secret = $item['sharedsecret'];
+			$shortname = $item['shortname'];
+			$conf .= <<<EOD
+client $client {
+	secret = $secret
+	shortname = $shortname
+}
+
+EOD;
+		}
+	}
+	else {
+		$conf .= <<<EOD
+client 127.0.0.1 {
+	secret = pfsense
+	shortname = localhost
+}
+
+EOD;
+	}
+
+	file_put_contents(RADDB . '/clients.conf', $conf);
+	restart_service("freeradius");
+}
+?>
diff --git a/packages/freeradius.xml b/packages/freeradius.xml
index 279ff469..0f4af220 100644
--- a/packages/freeradius.xml
+++ b/packages/freeradius.xml
@@ -1,18 +1,36 @@
+<?xml version="1.0" encoding="utf-8"?>
 <packagegui>
-	<name>freeradius</name>
-	<version>1.0.1</version>
-	<title>FreeRADIUS: Users</title>
+	<include_file>freeradius.inc</include_file>
+
+	<!-- Installation -->
+	<additional_files_needed>
+		<item>http://www.pfsense.org/packages/config/freeradiusclients.xml</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<item>http://www.pfsense.org/packages/config/freeradiussettings.xml</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<item>http://www.pfsense.org/packages/config/freeradius.inc</item>
+	</additional_files_needed>
+	<custom_php_install_command>
+		freeradius_install_command();
+	</custom_php_install_command>
 	<menu>
 		<name>FreeRADIUS</name>
 		<tooltiptext>Modify FreeRADIUS users, clients, and settings.</tooltiptext>
 		<section>Services</section>
-		<configfile>freeradius.xml</configfile>
+		<url>/pkg.php?xml=freeradius.xml</url>
 	</menu>
 	<service>
 		<name>FreeRADIUS</name>
-		<rcfile>freeradius.sh</rcfile>
+		<description>The FreeRADIUS daemon.</description>
+		<rcfile>radiusd.sh</rcfile>
 		<executable>radiusd</executable>
 	</service>
+
+	<!-- Interface -->
+	<name>freeradius</name>
+	<title>FreeRADIUS: Users</title>
 	<tabs>
 		<tab>
 			<text>Users</text>
@@ -28,16 +46,6 @@
 			<url>/pkg_edit.php?xml=freeradiussettings.xml&amp;id=0</url>
 		</tab>
 	</tabs>
-	<additional_files_needed>
-		<item>http://www.pfsense.com/packages/config/freeradiusclients.xml</item>
-	</additional_files_needed>
-	<additional_files_needed>
-		<item>http://www.pfsense.com/packages/config/freeradiussettings.xml</item>
-	</additional_files_needed>
-	<additional_files_needed>
-		<item>http://www.pfsense.com/packages/config/freeradiusconfig.tgz</item>
-	</additional_files_needed>
-	<configpath>installedpackages->package->$packagename->configuration->settings</configpath>
 	<adddeleteeditpagefields>
 		<columnitem>
 			<fielddescr>Username</fielddescr>
@@ -50,73 +58,30 @@
 	</adddeleteeditpagefields>
 	<fields>
 		<field>
-			<fielddescr>Username</fielddescr>
 			<fieldname>username</fieldname>
-			<description>Enter the username here</description>
+			<fielddescr>Username</fielddescr>
+			<description>Enter the username.</description>
+			<required/>
 			<type>input</type>
 		</field>
 		<field>
-			<fielddescr>Password</fielddescr>
 			<fieldname>password</fieldname>
-			<description>Enter the password here</description>
+			<fielddescr>Password</fielddescr>
+			<description>Enter the password for this username.</description>
+			<required/>
 			<type>password</type>
 		</field>
 		<field>
-			<fielddescr>Username Description</fielddescr>
 			<fieldname>description</fieldname>
-			<description>Enter the description of the user here</description>
+			<fielddescr>Description</fielddescr>
+			<description>You may enter a description here for your reference (not parsed).</description>
 			<type>input</type>
 		</field>
 	</fields>
-	<custom_php_install_command>
-		global $config;
-		$fout = fopen("/usr/local/etc/raddb/clients.conf","w");
-		fwrite($fout, "client 127.0.0.1" . "{\n" . "secret = pfsense\n" . "shortname = localhost\n}\n\n");
-		fclose($fout);
-		write_rcfile(array(
-					"file" => "freeradius.sh",
-					"start" => "/usr/local/sbin/radiusd -X -d /usr/local/etc/raddb &amp;",
-					"stop" => "/usr/bin/killall radiusd"
-				)
-		);
-		$fout = fopen("/usr/local/etc/radiusd.conf.dynamic","w");
-		fwrite($fout, "{\nipaddr = 127.0.0.1\nport = 0\ntype = auth\n}\n\n");
-		fclose($fout);
-		start_service("freeradius");
-	</custom_php_install_command>
-	<custom_php_global_functions>
-		function sync_package_freeradius() {
-			conf_mount_rw();
-			config_lock();
-			global $config;
-			$fout = fopen("/usr/local/etc/raddb/users","w");
-			fwrite($fout, "# This file was automatically generated by the pfSense\n# package management system.\n\n");
-			if($config['installedpackages']['freeradius']['config'] != "") {
-				foreach($config['installedpackages']['freeradius']['config'] as $rowhelper) {
-					fwrite($fout, $rowhelper['username'] . "\tUser-Password == \"" . $rowhelper['password'] . "\"\n");
-					if ($rowhelper['bwrestriction'] == "on") {
-						if (($rowhelper['uploadbw'] != "") and ($rowhelper['downloadbw'] != "")) {
-							fwrite($fout, "\tNomadix-Bw-Up = " . $rowhelper['uploadbw'] . ",\n");
-							fwrite($fout, "\tNomadix-Bw-Down = " . $rowhelper['downloadbw'] . "\n\n");
-						} elseif ($rowhelper['uploadbw'] != "") {
-							fwrite($fout, "\tNomadix-Bw-Up = " . $rowhelper['uploadbw'] . "\n\n");
-						} elseif ($rowhelper['downloadbw'] != "") {
-							fwrite($fout, "\tNomadix-Bw-Down = " . $rowhelper['downloadbw'] . "\n\n");
-						}
-					}
-				}
-			}
-		 	fclose($fout);
-			chmod("/usr/local/etc/raddb/users", 0600);
-			conf_mount_ro();
-			config_unlock();
-			restart_service("freeradius");
-		}
-	</custom_php_global_functions>
+	<custom_delete_php_command>
+		freeradius_users_resync();
+	</custom_delete_php_command>
 	<custom_php_resync_config_command>
-		sync_package_freeradius();
+		freeradius_users_resync();
 	</custom_php_resync_config_command>
-	<custom_add_php_command>
-		sync_package_freeradius();
-	</custom_add_php_command>
 </packagegui>
diff --git a/packages/freeradiusclients.xml b/packages/freeradiusclients.xml
index c24d01eb..d3dc95ec 100644
--- a/packages/freeradiusclients.xml
+++ b/packages/freeradiusclients.xml
@@ -1,6 +1,8 @@
+<?xml version="1.0" encoding="utf-8"?>
 <packagegui>
 	<name>freeradiusclients</name>
 	<title>FreeRADIUS: Clients</title>
+	<include_file>freeradius.inc</include_file>
 	<tabs>
                 <tab>
                         <text>Users</text>
@@ -16,7 +18,6 @@
                         <url>/pkg_edit.php?xml=freeradiussettings.xml&amp;id=0</url>
                 </tab>
         </tabs>
-	<configpath>installedpackages->package->$packagename->configuration->settings</configpath>
 	<adddeleteeditpagefields>
 		<columnitem>
 			<fielddescr>Client</fielddescr>
@@ -33,52 +34,37 @@
 	</adddeleteeditpagefields>
 	<fields>
 		<field>
-			<fielddescr>Client</fielddescr>
 			<fieldname>client</fieldname>
-			<description>Enter the client's IP address here</description>
+			<fielddescr>Client</fielddescr>
+			<description>Enter the client's IP address.</description>
 			<type>input</type>
+			<required/>
 		</field>
 		<field>
-			<fielddescr>Shortname</fielddescr>
 			<fieldname>shortname</fieldname>
-			<description>Enter the client's shortname here</description>
+			<fielddescr>Shortname</fielddescr>
+			<description>Enter the client's shortname.</description>
 			<type>input</type>
+			<required/>
 		</field>
 		<field>
-			<fielddescr>Shared Secret</fielddescr>
 			<fieldname>sharedsecret</fieldname>
+			<fielddescr>Shared Secret</fielddescr>
 			<description>Enter the client's shared secret here</description>
 			<type>password</type>
+			<required/>
 		</field>
 		<field>
-			<fielddescr>Description</fielddescr>
 			<fieldname>description</fieldname>
+			<fielddescr>Description</fielddescr>
 			<description>Enter the description of the user here</description>
 			<type>input</type>
 		</field>
 	</fields>
-	<custom_php_command_before_form>
-		function sync_package_freeradius_clients() {
-			conf_mount_rw();
-			config_lock();
-			global $config;
-			$fout = fopen("/usr/local/etc/raddb/clients.conf","w");
-			fwrite($fout, "# This file was automatically generated by the pfSense\n# package management system.\n\n");
-			fwrite($fout, "client 127.0.0.1" . "{\n" . "secret = pfsense\n" . "shortname = localhost\n}\n\n");
-			if($config['installedpackages']['freeradiusclients']['config'] != "") {
-				foreach($config['installedpackages']['freeradiusclients']['config'] as $rowhelper) {
-					fwrite($fout, "client " . $rowhelper['client'] . "{\n" . "secret = " . $rowhelper['sharedsecret'] . "\nshortname = " . $rowhelper['shortname'] . "\n}\n\n");
-				}
-			}
-		 	fclose($fout);
-			conf_mount_ro();
-			config_unlock();
-			restart_service("freeradius");
-		}
-		sync_package_freeradius_clients();
-	</custom_php_command_before_form>
-	<custom_add_php_command>
-		sync_package_freeradius_clients();
-	</custom_add_php_command>
+	<custom_delete_php_command>
+		freeradius_clients_resync();
+	</custom_delete_php_command>
+	<custom_php_resync_config_command>
+		freeradius_clients_resync();
+	</custom_php_resync_config_command>
 </packagegui>
-
diff --git a/packages/freeradiussettings.xml b/packages/freeradiussettings.xml
index 7db3402d..91c1cd63 100644
--- a/packages/freeradiussettings.xml
+++ b/packages/freeradiussettings.xml
@@ -1,6 +1,8 @@
+<?xml version="1.0" encoding="utf-8"?>
 <packagegui>
 	<name>freeradiussettings</name>
 	<title>FreeRADIUS: Settings</title>
+	<include_file>freeradius.inc</include_file>
 	<aftersaveredirect>pkg_edit.php?xml=freeradiussettings.xml&amp;id=0</aftersaveredirect>
 	<tabs>
                 <tab>
@@ -17,47 +19,25 @@
 			<active/>
                 </tab>
         </tabs>
-	<configpath>installedpackages->package->$packagename->configuration->settings</configpath>
 	<fields>
 		<field>
-			<fielddescr>Listening Interface(s)</fielddescr>
 			<fieldname>interface</fieldname>
-			<description>Enter the desired listening interface here</description>
+			<fielddescr>Listening Interface(s)</fielddescr>
+			<description>Enter the desired listening interface here.</description>
 			<type>interfaces_selection</type>
+			<required/>
 		</field>
 		<field>
-			<fielddescr>Port</fielddescr>
 			<fieldname>port</fieldname>
-			<description>Enter the desired port here (default 1812)</description>
+			<fielddescr>Port</fielddescr>
+			<description>Enter the port the RADIUS server will listen on. Leave blank to default to the system default, i.e., 1892.</description>
 			<type>input</type>
 		</field>
 	</fields>
-	<custom_php_command_before_form>
-	function sync_package_freeradius_settings() {
-		conf_mount_rw();
-		config_lock();
-		global $config;
-		$fout = fopen("/usr/local/etc/raddb/radiusd.conf.dynamic","w");
-		fwrite($fout, "# This file was automatically generated by the pfSense\n# package management system.\n\n");
-		$int = convert_friendly_interface_to_real_interface_name($config['installedpackages']['freeradiussettings']['config']['0']['interface']);
-		$int_ip = find_interface_ip($int);
-		$port = $config['installedpackages']['freeradiussettings']['config'][0]['port'];
-		fwrite($fout, "{\nipaddr = " . $int_ip);
-		if($port != "") {
-		fwrite($fout, "port = " . $port . "\n");
-		} else {
-		fwrite($fout, "port = 0\n");
-		}
-		fwrite($fout, "type = auth\n}\n\n");
-		fwrite($fout, "{\nipaddr = 127.0.0.1\nport = 0\ntype = auth\n}\n\n");
-		fclose($fout);
-		conf_mount_ro();
-		config_unlock();
-		restart_service("freeradius");
-		}
-	</custom_php_command_before_form>
-	<custom_add_php_command>
-		sync_package_freeradius_settings();
-	</custom_add_php_command>
+	<custom_delete_php_command>
+		freeradius_settings_resync();
+	</custom_delete_php_command>
+	<custom_php_resync_config_command>
+		freeradius_settings_resync();
+	</custom_php_resync_config_command>
 </packagegui>
-
-- 
cgit v1.2.3