On Mon, Jan 28, 2013 at 8:42 AM, Matthew Newton <m...@leicester.ac.uk> wrote: > On Sun, Jan 27, 2013 at 08:51:28PM +0000, a.l.m.bu...@lboro.ac.uk wrote: >> > I have a working server running on version 2.1.10 > >> if you got your 2.1.10 from distribution...then you have to wait >> for your distro to catch up > > Actually, with Debian and Ubuntu, building new local packages of > the latest version is trivially easy, and the way I would > recommend upgrading. > > http://wiki.freeradius.org/building/Build#Building-Debian-packages >
Debian packages generated from FR source is mostly compatible with current Debian/Ubuntu packages. It's great for when used for new servers. There's a catch though: if you have upgrade current installation, there might be some things that needed manual tweaking (IIRC it was certificate-related). FR's debian recipe is based on some old version in Debian. Current Debian package has diverged somewhat, so you might see some minor differences (configuration, init script, pre/post install script, etc). If we ported ALL Debian/Ubuntu changes, it would mean build failure on some older systems. So for the 2.2.0 FR release I only backported ones that were essential and wouldn't break things. If you currently have an Ubuntu system running with 2.1.10, you might find my PPA to be more seamless for upgrading: https://launchpad.net/~freeradius/+archive/stable (yes, it's also mentioned in the wiki: http://wiki.freeradius.org/building/Packages ). It takes a different approach, in that it takes current Debian/Ubuntu packages, and make necessary modification so that you can put 2.2.0 sources and have it build. Some of the changes were too intrusive to be included in the official source (for example, there are different recipes for Hardy/Lucid), but if you're just an end user that have no experience with building packages, you might find this one easier to use. > But of course if you roll your own packages you've got to watch > for security issues when they crop up, and rebuild yourself. With > distro supported packages they tend to patch up the security > issues, though you might be left with older non-security related > bugs unpatched. > > Like Alan wrote: if it says 2.1.10, you have no easy way of > guaranteeing all latest security patches have been applied. > > Popping up on this list and saying you're using an old version is > also likely to get you a lot of 'go away and upgrade' responses, > rather than answers to your question... If you have support from the Ubuntu, it might be better to stick with the provided version. But yes, when asking to this list, the most likely answer would be "upgrade". If one wants to stick to Ubuntu's provided version and wants to ask for security backports, better ask Canonical. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html