Merging upstream version 3.2.5+dfsg.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-08-26 10:41:53 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-08-26 10:41:53 +0000
commit: 1526b335a5a81d945e64291e2fbcf92f72d15a4e (patch)
tree: 64d3bc5d36df06664cc49d7c4d8710100e23b888 /scripts/docker/m4
parent: Releasing progress-linux version 3.2.3+dfsg-2~progress7.99u1. (diff)
download: freeradius-1526b335a5a81d945e64291e2fbcf92f72d15a4e.tar.xz
freeradius-1526b335a5a81d945e64291e2fbcf92f72d15a4e.zip
4 files changed, 409 insertions, 0 deletions
diff --git a/scripts/docker/m4/Dockerfile.alpine.m4 b/scripts/docker/m4/Dockerfile.alpine.m4
new file mode 100644
index 0000000..64c6c8f
--- /dev/null
+++ b/scripts/docker/m4/Dockerfile.alpine.m4
@@ -0,0 +1,90 @@
+ARG from=DOCKER_IMAGE
+FROM ${from} as build
+
+#
+#  Install build tools
+#
+RUN apk update
+RUN apk add git gcc make
+
+#
+#  Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+#  Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+#  Clean up tree - we want to build from the latest commit, not from
+#  any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+RUN [ -z "$release" ] || git checkout ${release}
+
+
+#
+#  Install build dependencies
+#
+# essential
+RUN apk add libc-dev talloc-dev
+RUN apk add openssl openssl-dev
+RUN apk add linux-headers
+# general
+RUN apk add pcre-dev libidn-dev krb5-dev samba-dev curl-dev json-c-dev
+RUN apk add openldap-dev unbound-dev
+# languages
+RUN apk add ruby-dev perl-dev python2-dev python3-dev
+# databases
+RUN apk add hiredis-dev libmemcached-dev gdbm-dev libcouchbase-dev
+# sql
+RUN apk add postgresql-dev mariadb-dev unixodbc-dev sqlite-dev
+
+#
+#  Build the server
+#
+RUN ./configure --prefix=/opt
+RUN make -j2
+RUN make install
+RUN rm /opt/lib/*.a
+
+#
+#  Clean environment and run the server
+#
+FROM ${from}
+COPY --from=build /opt /opt
+
+#
+# These are needed for the server to start
+#
+RUN apk update \
+    && apk add talloc libressl pcre libwbclient tzdata \
+    \
+#
+#  Libraries that are needed dependent on which modules are used
+#  Some of these (especially the languages) are huge. A reasonable
+#  selection has been enabled here. If you use modules needing
+#  other dependencies then install any others required in your
+#  local Dockerfile.
+#
+    && apk add libcurl json-c libldap hiredis sqlite-dev \
+#RUN apk add libidn krb5
+#RUN apk add unbound-libs
+#RUN apk add ruby-libs perl python2-dev python3-dev
+#RUN apk add libmemcached gdbm libcouchbase
+#RUN apk add postgresql-dev mariadb-dev unixodbc-dev
+    \
+    && ln -s /opt/etc/raddb /etc/raddb
+
+WORKDIR /
+COPY DOCKER_TOPDIR/etc/docker-entrypoint.sh.PKG_TYPE docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["radiusd"]
diff --git a/scripts/docker/m4/Dockerfile.deb.m4 b/scripts/docker/m4/Dockerfile.deb.m4
new file mode 100644
index 0000000..0b4e5b5
--- /dev/null
+++ b/scripts/docker/m4/Dockerfile.deb.m4
@@ -0,0 +1,88 @@
+ARG from=DOCKER_IMAGE
+FROM ${from} as build
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+#
+#  Install build tools
+#
+RUN apt-get update
+RUN apt-get install -y devscripts equivs git quilt gcc
+
+#
+#  Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+#  Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+#  Clean up tree - we want to build from the latest commit, not from
+#  any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+    git status ; \
+    git log -1 --oneline
+
+#
+#  Install build dependencies
+#
+RUN if [ -e ./debian/control.in ]; then \
+        debian/rules debian/control; \
+    fi; \
+    echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
+
+#
+#  Build the server
+#
+#  Work around fakeroot problems in Docker when building for different
+#  platforms - doesn't matter as we run as root in the container anyway.
+#
+#RUN make -j$(nproc) deb
+RUN debian/rules debian/control \
+ && dpkg-buildpackage --jobs=auto -b -uc
+
+#
+#  Clean environment and run the server
+#
+FROM ${from}
+ARG DEBIAN_FRONTEND=noninteractive
+
+COPY --from=build /usr/local/src/repositories/*.deb /tmp/
+
+RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime
+
+ifelse(ifelse(
+	D_NAME, `debian10', no,
+	D_NAME, `ubuntu18', no,
+	D_NAME, `ubuntu20', no,
+	yes), yes, `dnl
+ARG freerad_uid=101
+ARG freerad_gid=101
+
+RUN groupadd -g ${freerad_gid} -r freerad \
+ && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \
+ && apt-get update \',
+`RUN apt-get update \')
+ && apt-get install -y tzdata \
+ && apt-get install -y /tmp/*.deb \
+ && apt-get clean \
+ && rm -r /var/lib/apt/lists/* /tmp/*.deb \
+    \
+ && ln -s /etc/freeradius /etc/raddb
+
+WORKDIR /
+COPY scripts/docker/etc/docker-entrypoint.sh.PKG_TYPE docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["freeradius"]
diff --git a/scripts/docker/m4/Dockerfile.m4 b/scripts/docker/m4/Dockerfile.m4
new file mode 100644
index 0000000..f9890a1
--- /dev/null
+++ b/scripts/docker/m4/Dockerfile.m4
@@ -0,0 +1,45 @@
+dnl  Look up the OS codename, docker base image etc before including
+dnl  the main Dockerfile template.
+dnl
+dnl  This top-level template is used by both the docker makefile
+dnl  (scripts/docker/docker.mk) and the crossbuild makefile
+dnl  (scripts/crossbuild/crossbuild.mk), but the Dockerfile templates
+dnl  they use are different - see the m4 directories for each.
+dnl
+divert(`-1')
+changequote(`[', `]')
+define([DOCKER_TOPDIR], [scripts/docker/])
+define([p_SET], [
+	define([PKG_TYPE],	[$1])
+	define([OS_NAME],	[$2])
+	define([OS_VER],	[$3])
+	define([OS_CODENAME],	[$4])
+	define([DOCKER_IMAGE],	[$5])
+])
+dnl		D_NAME		PKG_TYPE      OS_NAME	OS_VER	OS_CODENAME	DOCKER_IMAGE
+ifelse(
+	D_NAME, [alpine],	[p_SET([alpine], [alpine], [3.13], [alpine],	[alpine:3.13])],
+	D_NAME, [debian10],	[p_SET([deb], [debian],	[10],	[buster],	[debian:buster])],
+	D_NAME, [debian11],	[p_SET([deb], [debian],	[11],	[bullseye],	[debian:bullseye])],
+	D_NAME, [debian12],	[p_SET([deb], [debian],	[12],	[bookworm],	[debian:bookworm])],
+	D_NAME, [debiansid],	[p_SET([deb], [debian],	[99],	[sid],		[debian:sid])],
+	D_NAME, [ubuntu18],	[p_SET([deb], [ubuntu],	[18],	[bionic],	[ubuntu:18.04])],
+	D_NAME, [ubuntu20],	[p_SET([deb], [ubuntu],	[20],	[focal],	[ubuntu:20.04])],
+	D_NAME, [ubuntu22],	[p_SET([deb], [ubuntu],	[22],	[jammy],	[ubuntu:22.04])],
+	D_NAME, [ubuntu24],	[p_SET([deb], [ubuntu],	[24],	[noble],	[ubuntu:24.04])],
+	D_NAME, [centos7],	[p_SET([rpm], [centos],	[7],	[7],		[centos:7])],
+	D_NAME, [centos8],	[p_SET([rpm], [centos],	[8],	[8],		[centos:8])],
+	D_NAME, [rocky8],	[p_SET([rpm], [rocky],	[8],	[8],		[rockylinux/rockylinux:8])],
+	D_NAME, [rocky9],	[p_SET([rpm], [rocky],	[9],	[9],		[rockylinux/rockylinux:9])],
+	[errprint(error: OS 'D_NAME' not defined[,] see __file__
+)m4exit(1)]
+)
+undefine([p_SET])
+divert[]dnl
+[#] Auto generated for D_NAME
+[#] from scripts/D_TYPE/m4/Dockerfile.PKG_TYPE.m4
+[#]
+[#] Rebuild this file with `make D_TYPE.D_NAME.regen`
+[#]
+changequote([`], ['])dnl
+include(Dockerfile.PKG_TYPE.m4)dnl
diff --git a/scripts/docker/m4/Dockerfile.rpm.m4 b/scripts/docker/m4/Dockerfile.rpm.m4
new file mode 100644
index 0000000..03181e8
--- /dev/null
+++ b/scripts/docker/m4/Dockerfile.rpm.m4
@@ -0,0 +1,186 @@
+ARG from=DOCKER_IMAGE
+FROM ${from} as build
+
+ifelse(OS_VER, 7, `dnl
+#
+#  CentOS 7 is now EOL, so we need to fix up the repo source
+#
+RUN sed -i "s/^mirrorlist/#mirrorlist/g" /etc/yum.repos.d/CentOS-*
+RUN sed -i "s|#\s*baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-*
+')dnl
+
+ifelse(OS_VER, `7', `', `dnl
+#
+#  Install yum
+#
+RUN dnf install -y yum
+')dnl
+
+ifelse(OS_VER, 8, `dnl
+RUN rpmkeys --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
+')dnl
+ifelse(OS_VER, 9, `dnl
+RUN rpmkeys --import /etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+')
+#
+#  Install build tools
+#
+RUN yum groupinstall -y "Development Tools"
+ifelse(OS_VER, 7,`dnl
+RUN yum install -y rpmdevtools
+RUN yum install -y openssl
+',`
+RUN yum install -y rpmdevtools openssl dnf-utils
+')
+
+#
+#  Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+#  Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+#  Clean up tree - we want to build from the latest commit, not from
+#  any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+    git status ; \
+    git log -1 --oneline
+
+#
+#  Other requirements
+#
+changequote(`{', `}')dnl
+ifelse(ifelse(OS_VER, 7, yes, OS_VER, 8, yes, no), yes, {
+#  Use LTB's openldap packages intead of the distribution version to avoid linking against NSS
+RUN echo $'[ltb-project]\n\
+name=LTB project packages\n\
+baseurl=https://ltb-project.org/rpm/$releasever/$basearch\n\
+enabled=1\n\
+gpgcheck=1\n\
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\
+> /etc/yum.repos.d/ltb-project.repo
+RUN rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project
+})dnl
+changequote({`}, {'})dnl
+
+#  Enable EPEL repository for freetds and hiredis
+RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-OS_VER.noarch.rpm
+ifelse(OS_VER, 8, `
+#  Enable powertools repo
+RUN yum config-manager --enable powertools
+
+#  Enable epel-testing, currently needed for hiredis-devel
+RUN yum config-manager --enable epel-testing
+')dnl
+ifelse(OS_VER, 9, `
+#  Enable Code Ready Builder repo (CentOS powertools equivalent)
+RUN yum install -y yum-utils
+RUN yum config-manager --enable crb
+')dnl
+
+#
+#  Install build dependencies
+#
+#  Run twice, it doesn't always get everything with one invocation
+#
+RUN [ -e redhat/freeradius.spec ] && \
+	yum-builddep -y redhat/freeradius.spec && \
+	yum-builddep -y redhat/freeradius.spec
+
+#
+#  Create RPM build environment
+#
+ENV BUILDDIR=/root/rpmbuild
+RUN rpmdev-setuptree
+
+RUN ./configure
+RUN cp VERSION /VERSION
+RUN make freeradius-server-$(cat /VERSION).tar.bz2
+RUN cp freeradius-server-$(cat /VERSION).tar.bz2 $BUILDDIR/SOURCES/
+RUN cp -r redhat/* $BUILDDIR/SOURCES/
+RUN sed -i "s/^Version:.*/Version: $(cat /VERSION)/" redhat/freeradius.spec
+RUN cp -r redhat/freeradius.spec $BUILDDIR/SPECS/
+WORKDIR $BUILDDIR
+
+#
+#  Build the server
+#
+ENV QA_RPATHS=0x0003
+RUN rpmbuild -bb --define "_release $(cat /VERSION)" "$BUILDDIR/SPECS/freeradius.spec"
+
+RUN mkdir /root/rpms
+RUN mv $BUILDDIR/RPMS/*/*.rpm /root/rpms/
+
+#
+#  Clean environment and run the server
+#
+FROM ${from}
+
+COPY --from=build /root/rpms /tmp/
+
+ifelse(OS_VER, 7, `dnl
+#
+#  CentOS 7 is now EOL, so we need to fix up the repo source
+#
+RUN sed -i "s/^mirrorlist/#mirrorlist/g" /etc/yum.repos.d/CentOS-*
+RUN sed -i "s|#\s*baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-*
+')dnl
+
+ifelse(OS_VER, `7', `', `dnl
+#
+#  Install yum
+#
+RUN dnf install -y yum
+')dnl
+
+changequote(`{', `}')dnl
+ifelse(ifelse(OS_VER, 7, yes, OS_VER, 8, yes, no), yes, {dnl
+# Use LTB's openldap packages intead of the distribution version to avoid linking against NSS
+RUN echo $'[ltb-project]\n\
+name=LTB project packages\n\
+baseurl=https://ltb-project.org/rpm/$releasever/$basearch\n\
+enabled=1\n\
+gpgcheck=1\n\
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\
+> /etc/yum.repos.d/ltb-project.repo \
+    && rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project
+})dnl
+changequote({`}, {'})dnl
+
+
+#  EPEL repository for freetds and hiredis
+RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-OS_VER.noarch.rpm \
+ifelse(OS_VER, 7, `    \', `dnl
+    && yum install -y dnf-utils \
+ifelse(OS_VER, 8, `dnl
+    && yum config-manager --enable powertools \
+')dnl
+ifelse(OS_VER, 9, `dnl
+    && yum config-manager --enable crb \
+')dnl
+    && yum config-manager --enable epel-testing
+
+ARG radiusd_uid=95
+ARG radiusd_gid=95
+
+RUN groupadd -g ${radiusd_gid} -r radiusd \
+    && useradd -u ${radiusd_uid} -g radiusd -r -M -d /home/radiusd -s /sbin/nologin radiusd \')
+    && yum install -y /tmp/*.rpm
+
+WORKDIR /
+COPY DOCKER_TOPDIR/etc/docker-entrypoint.sh.PKG_TYPE docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["radiusd"]
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-08-26 10:41:53 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-08-26 10:41:53 +0000
commit	1526b335a5a81d945e64291e2fbcf92f72d15a4e (patch)
tree	64d3bc5d36df06664cc49d7c4d8710100e23b888 /scripts/docker/m4
parent	Releasing progress-linux version 3.2.3+dfsg-2~progress7.99u1. (diff)
download	freeradius-1526b335a5a81d945e64291e2fbcf92f72d15a4e.tar.xz freeradius-1526b335a5a81d945e64291e2fbcf92f72d15a4e.zip