Project

General

Profile

Actions
Copy link

Bug #14596

closed

FreeRADIUS falsely shows its default is to save data during package reinstall

Added by Steve Y 9 months ago. Updated 7 months ago.

Status:
Duplicate
Priority:
High
Assignee:
-
Category:
FreeRADIUS
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
23.05.1
Affected Architecture:

Description

forum thread: https://forum.netgate.com/topic/181594/restore-missing-freeradius-config

A new install of FreeRADIUS shows the "Save settings after deletion" checked by default. However 

<keep_settings>on</keep_settings>
is not in the config.xml file, thus the package removes all settings upon reinstall, such as after a restore:

Jul 20 21:53:24 php 38236 //etc/rc.packages: Configuration Change: (system): Overwrote previous installation of freeradius3.
Jul 20 21:53:23 php 38236 //etc/rc.packages: Configuration Change: (system): Intermediate config write during package install for freeradius3.
Jul 20 21:53:23 php 38236 //etc/rc.packages: Beginning package installation for freeradius3 .
Jul 20 21:53:23 check_reload_status 329 Syncing firewall
Jul 20 21:53:23 php 36496 /etc/rc.packages: Configuration Change: (system): [freeRADIUS] Package uninstalled.
Jul 20 21:53:22 php 36496 /etc/rc.packages: [freeRADIUS] Removing all FreeRADIUS settings since 'Keep Settings/Data' is disabled...
Jul 20 21:53:22 check_reload_status 329 Syncing firewall
Jul 20 21:53:22 php 36496 /etc/rc.packages: Configuration Change: (system): Intermediate config write during package removal for freeradius3.
Jul 20 21:53:22 php 36496 /etc/rc.packages: The command '/usr/local/etc/rc.d/radiusd.sh stop' returned exit code '1', the output was 'radiusd not running?'

In fact the entire <freeradiussettings> tag is missing from the config.xml file:

                <freeradiussettings>
                        <config>
                                <varsettingsmaxrequests>1024</varsettingsmaxrequests>
                                <varsettingsmaxrequesttime>30</varsettingsmaxrequesttime>
                                <varsettingscleanupdelay>5</varsettingscleanupdelay>
                                <varsettingsallowcoredumps>no</varsettingsallowcoredumps>
                                <varsettingsregularexpressions>yes</varsettingsregularexpressions>
                                <varsettingsextendedexpressions>yes</varsettingsextendedexpressions>
                                <keep_settings>on</keep_settings>
                                <varsettingslogdir>syslog</varsettingslogdir>
                                <varsettingsauth>yes</varsettingsauth>
                                <varsettingsauthbadpass>no</varsettingsauthbadpass>
                                <varsettingsauthbadpassmessage></varsettingsauthbadpassmessage>
                                <varsettingsauthgoodpass>no</varsettingsauthgoodpass>
                                <varsettingsauthgoodpassmessage></varsettingsauthgoodpassmessage>
                                <varsettingsstrippednames>no</varsettingsstrippednames>
                                <varsettingshostnamelookups>no</varsettingshostnamelookups>
                                <varsettingsmaxattributes>200</varsettingsmaxattributes>
                                <varsettingsrejectdelay>1</varsettingsrejectdelay>
                                <varsettingsstartservers>5</varsettingsstartservers>
                                <varsettingsmaxservers>32</varsettingsmaxservers>
                                <varsettingsminspareservers>3</varsettingsminspareservers>
                                <varsettingsmaxspareservers>10</varsettingsmaxspareservers>
                                <varsettingsmaxqueuesize>65536</varsettingsmaxqueuesize>
                                <varsettingsmaxrequestsperserver>0</varsettingsmaxrequestsperserver>
                                <varsettingsmotpenable></varsettingsmotpenable>
                                <varsettingsmotptimespan></varsettingsmotptimespan>
                                <varsettingsmotppasswordattempts></varsettingsmotppasswordattempts>
                                <varsettingsmotpchecksumtype>md5</varsettingsmotpchecksumtype>
                                <varsettingsmotptokenlength></varsettingsmotptokenlength>
                                <varsettingsenablemacauth></varsettingsenablemacauth>
                                <varsettingsenableacctunique></varsettingsenableacctunique>
                        </config>
                </freeradiussettings>

It seems like the package defaults that show in the GUI are not reflected in the code, at least for the keep_settings setting. Thus anyone who has not actually saved the settings page will have all their FreeRADIUS settings removed upon package upgrade, config restore, pfSense upgrade, etc.

This missing section can be added next to the <freeradiuseapconf> tag and the config file restored again. To recover, also copy <freeradiuseapconf>, <freeradius>, <freeradiusclients>, and <freeradiusinterfaces> from a valid backup and restore it.

Related issues

Related to Bug #14806: Freeradius configuration lost when you reinstall packageResolvedJim Pingle

Actions
Actions
Copy link
 #1

Updated by Steve Y 9 months ago

Stated differently, it is not possible to restore FreeRADIUS settings unless one has at some point clicked the Save button the Settings tab.

In addition "all settings will be wiped on package uninstall/reinstall/upgrade" unless the Save button has been clicked at some point before then.

Actions
Copy link
 #2

Updated by Danilo Zrenjanin 9 months ago

  • Status changed from New to Confirmed

I can confirm this behavior.

Tested on:

23.05.1-RELEASE (amd64)
built on Wed Jun 28 03:57:27 UTC 2023
FreeBSD 14.0-CURRENT
Actions
Copy link
 #3

Updated by Jim Pingle 7 months ago

  • Status changed from Confirmed to Duplicate

Duplicate of #14806 but I already started working on that issue even though this one was older.

Actions
Copy link
 #4

Updated by Jim Pingle 7 months ago

  • Related to Bug #14806: Freeradius configuration lost when you reinstall package added
Actions
Copy link

Also available in: Atom PDF