From af754e596a8dbb05ed8580c342e7fe02e08b28e0 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sat, 13 Apr 2024 16:11:00 +0200
Subject: Adding upstream version 3.2.3+dfsg.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 scripts/solaris/.gitignore    |  1 +
 scripts/solaris/README.md     | 58 +++++++++++++++++++++++++
 scripts/solaris/radius.xml    | 68 +++++++++++++++++++++++++++++
 scripts/solaris/svc-radius.in | 99 +++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 226 insertions(+)
 create mode 100644 scripts/solaris/.gitignore
 create mode 100644 scripts/solaris/README.md
 create mode 100644 scripts/solaris/radius.xml
 create mode 100755 scripts/solaris/svc-radius.in

(limited to 'scripts/solaris')

diff --git a/scripts/solaris/.gitignore b/scripts/solaris/.gitignore
new file mode 100644
index 0000000..91ef483
--- /dev/null
+++ b/scripts/solaris/.gitignore
@@ -0,0 +1 @@
+svc-radius
diff --git a/scripts/solaris/README.md b/scripts/solaris/README.md
new file mode 100644
index 0000000..8e1c02a
--- /dev/null
+++ b/scripts/solaris/README.md
@@ -0,0 +1,58 @@
+# Solaris startup scripts
+
+SMF is the Solaris version of upstart (or the reverse), it imports
+XML configuration file for services, and manages service
+dependencies. It will automatically restart daemons in they die,
+and provides a standard interface for checking the status of a
+service and administratively disabling/enabling it.
+
+
+# Installation/configuration
+
+## Solaris 10
+
+Do the following as the root user ``sudo -s``.
+
+Copy the service management script ``svc-radius`` to ``/lib/srv/method/``:
+
+```bash
+cp ./svc-radius /lib/svc/method/
+chown root:bin /lib/svc/method/svc-radius
+chmod 555 /lib/svc/method/svc-radius
+```
+
+Copy the ``radius.xml`` manifest to
+``/var/svc/manifest/network/``, and import it into SMF:
+
+```bash
+cp ./radius.xml /var/svc/manifest/network/
+svccfg import /var/svc/manifest/network/radius.xml
+```
+
+
+### Authorizing additional users
+
+First create an authorisation entry for the radius service:
+
+```bash
+echo "solaris.smf.manage.radius/server:::FreeRADIUS Server management::" >> /etc/security/auth_attr
+```
+
+Next instruct SMF to use RBAC for authorising actions on this
+particular service (only works with local accounts):
+
+```bash
+svccfg -s radius setprop general/action_authorization=astring: 'solaris.smf.manage.radius/server'
+```
+
+Then assign this authorisation to our one or more users:
+
+```bash
+usermod -A solaris.smf.manage.radius/server <user>
+```
+
+And finally test with (as authorized user):
+
+```bash
+svcs radius
+```
diff --git a/scripts/solaris/radius.xml b/scripts/solaris/radius.xml
new file mode 100644
index 0000000..d9b0506
--- /dev/null
+++ b/scripts/solaris/radius.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0"?>
+<!DOCTYPE service_bundle SYSTEM
+"/usr/share/lib/xml/dtd/service_bundle.dtd.1">
+<service_bundle type='manifest' name='radius'>
+<service
+       name='network/radius'
+       type='service'
+       version='1'>
+       <create_default_instance enabled='false' />
+       <single_instance/>
+  
+       <dependency name='fs-local'
+                grouping='require_all'
+                restart_on='none'
+                type='service'>
+                <service_fmri value='svc:/system/filesystem/local' />
+       </dependency>
+
+       <dependency name='fs-autofs'
+               grouping='optional_all'
+               restart_on='none'
+               type='service'>
+               <service_fmri value='svc:/system/filesystem/autofs' />
+       </dependency>
+
+       <dependency name='net-loopback'
+               grouping='require_all'
+               restart_on='none'
+               type='service'>
+               <service_fmri value='svc:/network/loopback' />
+       </dependency>
+
+       <dependency name='net-physical'
+               grouping='require_all'
+               restart_on='none'
+               type='service'>
+               <service_fmri value='svc:/network/physical' />
+       </dependency>
+
+       <exec_method
+               type='method'
+               name='start'
+               exec='/lib/svc/method/svc-radius %m'
+               timeout_seconds='10' />
+       <exec_method
+               type='method'
+               name='stop'
+               exec='/lib/svc/method/svc-radius %m %{restarter/contract}'
+               timeout_seconds='10' />
+       <exec_method
+               type='method'
+               name='refresh'
+               exec='/lib/svc/method/svc-radius %m'
+               timeout_seconds='10' />
+
+       <stability value='Unstable' />
+       <template>
+               <common_name>
+                       <loctext xml:lang='C'> radius
+                       </loctext>
+               </common_name>
+               <documentation>
+                       <manpage title='radius' section='1M'
+                               manpath='/usr/share/man' />
+              </documentation>
+       </template>
+</service>
+</service_bundle>
diff --git a/scripts/solaris/svc-radius.in b/scripts/solaris/svc-radius.in
new file mode 100755
index 0000000..f5aee81
--- /dev/null
+++ b/scripts/solaris/svc-radius.in
@@ -0,0 +1,99 @@
+#!/bin/sh
+. /lib/svc/share/smf_include.sh
+#
+#
+# radiusd       Start the radius daemon.
+#
+#    This program is free software; you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation; either version 2 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program; if not, write to the Free Software
+#    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+#
+#    Copyright (C) 2001-2012 The FreeRADIUS Project http://www.freeradius.org
+
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+sbindir=@sbindir@
+localstatedir=@localstatedir@
+logdir=@logdir@
+rundir=${localstatedir}/run/radiusd
+sysconfdir=@sysconfdir@
+
+#
+#  If you have issues with OpenSSL, uncomment these next lines.
+#
+#  Something similar may work for MySQL, and you may also
+#  have to LD_PRELOAD libz.so
+#
+#LD_LIBRARY_PATH= -lcrypto -lssl -lcrypto
+#LD_RUN_PATH= -lcrypto -lssl -lcrypto:
+#LD_PRELOAD= -lcrypto -lssl -lcryptolibcrypto.so
+export LD_LIBRARY_PATH LD_RUN_PATH LD_PRELOAD
+
+RADIUSD=$sbindir/radiusd
+RADDBDIR=@raddbdir@
+DESC="FreeRADIUS"
+
+#
+#  See 'man radiusd' for details on command-line options.
+#
+ARGS=""
+
+test -f $RADIUSD || exit $SMF_EXIT_ERR_CONFIG 
+test -f $RADDBDIR/radiusd.conf || exit $SMF_EXIT_ERR_CONFIG
+
+#if [ ! -d $rundir ] ; then
+#    mkdir $rundir
+#    chown radmin:radius
+#    chmod 775 $rundir
+#fi
+#
+#if [ ! -d $logdir ] ; then
+#    mkdir $logdir
+#    chown radmin:radius $logdir
+#    chmod 770 $logdir
+#    chmod g+s $logdir
+#fi
+#
+#if [ ! -f $logdir/radius.log ]; then
+#        touch $logdir/radius.log
+#fi
+#
+#chown radmin:radius $logdir/radius.log
+#chmod 660 $logdir/radius.log
+
+case "$1" in
+  start)
+        echo -n "Starting $DESC: "
+        $RADIUSD $ARGS
+        echo "radiusd"
+        ;;
+  stop)
+        echo -n "Stopping $DESC: "
+        smf_kill_contract $2 TERM 1
+        [ $? -ne 0 ] && exit 1
+        echo "radiusd."
+        ;;
+  refresh)
+        echo "Reloading $DESC configuration files."
+        [ -f $rundir/radiusd.pid ] && kill -HUP `cat $rundir/radiusd.pid`
+        ;;
+  check)
+        $RADIUSD -CX $ARGS
+        exit $?
+        ;;
+  *)
+        echo "Usage: $0 {start|stop|refresh|check}"
+        exit 1
+esac
+
+exit $SMF_EXIT_OK
-- 
cgit v1.2.3