diff --git a/src/etc/Makefile b/src/etc/Makefile index 11596fa6..502c5bf0 100644 --- a/src/etc/Makefile +++ b/src/etc/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.404 2015/07/03 22:05:53 millert Exp $ +# $OpenBSD: Makefile,v 1.405 2015/08/03 04:19:25 yasuoka Exp $ TZDIR= /usr/share/zoneinfo LOCALTIME= Canada/Mountain @@ -47,8 +47,8 @@ EXAMPLES+= wsconsctl.conf # -rw------- EXAMPLES_600=bgpd.conf dvmrpd.conf hostapd.conf iked.conf ipsec.conf \ - ldapd.conf ldpd.conf ospf6d.conf ospfd.conf pf.conf rc.local \ - rc.securelevel rc.shutdown relayd.conf ripd.conf \ + ldapd.conf ldpd.conf ospf6d.conf ospfd.conf pf.conf radiusd.conf \ + rc.local rc.securelevel rc.shutdown relayd.conf ripd.conf \ sasyncd.conf snmpd.conf ypldap.conf # -r-xr-xr-x diff --git a/src/etc/changelist b/src/etc/changelist index 4d380850..f1cbc93c 100644 --- a/src/etc/changelist +++ b/src/etc/changelist @@ -1,4 +1,4 @@ -# $OpenBSD: changelist,v 1.107 2015/07/23 14:49:10 sthen Exp $ +# $OpenBSD: changelist,v 1.108 2015/08/03 04:19:25 yasuoka Exp $ # # List of files which the security script backs up and checks # for modifications. @@ -90,6 +90,7 @@ /etc/profile /etc/protocols +/etc/pwd.db ++/etc/radiusd.conf /etc/rbootd.conf /etc/rc /etc/rc.conf diff --git a/src/etc/examples/radiusd.conf b/src/etc/examples/radiusd.conf new file mode 100644 index 00000000..63b94990 --- /dev/null +++ b/src/etc/examples/radiusd.conf @@ -0,0 +1,26 @@ +# $OpenBSD: radiusd.conf,v 1.1 2015/08/03 04:19:25 yasuoka Exp $ + +listen on 0.0.0.0 +#listen on :: + +client 127.0.0.1/32 { + secret "secret" +} +client 192.168.0.0/24 { + secret "secret" + msgauth-required yes +} + +module load bsdauth "/usr/libexec/radiusd/radiusd_bsdauth" +module set bsdauth restrict-group operator + +module load radius "/usr/libexec/radiusd/radiusd_radius" +module set radius "secret" "testing123" +module set radius "server" "127.0.0.1" + +authenticate *@local { + authenticate-by bsdauth +} +authenticate *@example.com { + authenticate-by radius +} diff --git a/src/etc/mtree/special b/src/etc/mtree/special index 6061c52d..e891a8b0 100644 --- a/src/etc/mtree/special +++ b/src/etc/mtree/special @@ -1,4 +1,4 @@ -# $OpenBSD: special,v 1.114 2015/07/23 14:49:10 sthen Exp $ +# $OpenBSD: special,v 1.115 2015/08/03 04:19:25 yasuoka Exp $ # # Hand-crafted mtree specification for the dangerous files. # @@ -75,6 +75,7 @@ ospf6d.conf type=file mode=0600 uname=root gname=wheel optional passwd type=file mode=0644 uname=root gname=wheel pf.conf type=file mode=0600 uname=root gname=wheel optional printcap type=file mode=0644 uname=root gname=wheel optional +radiusd.conf type=file mode=0600 uname=root gname=wheel optional rc type=file mode=0644 uname=root gname=wheel rc.conf type=file mode=0644 uname=root gname=wheel rc.conf.local type=file mode=0644 uname=root gname=wheel optional diff --git a/src/etc/rc b/src/etc/rc index 5cf41da1..2702a7aa 100644 --- a/src/etc/rc +++ b/src/etc/rc @@ -1,4 +1,4 @@ -# $OpenBSD: rc,v 1.454 2015/07/20 06:59:39 rpe Exp $ +# $OpenBSD: rc,v 1.455 2015/08/03 04:19:25 yasuoka Exp $ # System startup script run by init on autoboot or after single-user. # Output and error are redirected to console by init, and the console is the @@ -494,7 +494,7 @@ echo 'preserving editor files.'; /usr/libexec/vi.recover echo -n 'starting network daemons:' start_daemon ldomd sshd snmpd ldpd ripd ospfd ospf6d bgpd ifstated -start_daemon relayd dhcpd dhcrelay mrouted dvmrpd +start_daemon relayd dhcpd dhcrelay mrouted dvmrpd radiusd if ifconfig lo0 inet6 >/dev/null 2>&1; then fw=`sysctl -n net.inet6.ip6.forwarding` diff --git a/src/etc/rc.conf b/src/etc/rc.conf index c4c7ca46..ac2f3ffe 100644 --- a/src/etc/rc.conf +++ b/src/etc/rc.conf @@ -1,4 +1,4 @@ -# $OpenBSD: rc.conf,v 1.203 2015/05/18 13:48:38 deraadt Exp $ +# $OpenBSD: rc.conf,v 1.204 2015/08/03 04:19:25 yasuoka Exp $ # DO NOT EDIT THIS FILE!! # @@ -44,6 +44,7 @@ ntpd_flags= ospfd_flags=NO ospf6d_flags=NO pflogd_flags= # add more flags, e.g. "-s 256" +radiusd_flags=NO rarpd_flags=NO rbootd_flags=NO relayd_flags=NO diff --git a/src/etc/rc.d/radiusd b/src/etc/rc.d/radiusd new file mode 100644 index 00000000..769af382 --- /dev/null +++ b/src/etc/rc.d/radiusd @@ -0,0 +1,11 @@ +#!/bin/sh +# +# $OpenBSD: radiusd,v 1.1 2015/08/03 04:19:25 yasuoka Exp $ + +daemon="/usr/sbin/radiusd" + +. /etc/rc.d/rc.subr + +rc_reload=NO + +rc_cmd $1