Re: Radius choices now that freeradius has been dropped from woody.
On Tue, Apr 16, 2002 at 08:40:31AM +0200, J.H.M. Dassen (Ray) wrote: > On Tue, Apr 16, 2002 at 00:28:04 -0400, Chuck Peters wrote: > > One of our techs wants to use freeradius on a production box, but now that > > it has been dropped from woody I would rather use something else. > > Looking at > http://ftp-master.debian.org/testing/update_excuses.html#radiusd-freeradius > the one problematic bug can be worked around by compiling from source - you > could consider having both testing and unstable in the box's sources.list, > pinning it to testing, but using freeradius from unstable. > We use potato on all our production boxes because of the security teams recommendations. However, we also add things we need and compile from source where necessary, as sticking with potato in the current scheme of release dates and release date procedures in the debian system is, to put it mildly, slow. Without going into any kind of flame war on the distributions of debian, I think many people will agree that it's awfully slow and that's one of the largest problems with debian. Having said that, I can appreciate some of the reasons why it is slow, but not others. I firmly believe that using source from other distributions is the way to go for having a stable and more modern system. Just because the debian team dropped a package from the next distro because it has two bugs and one wishlist item is pretty silly. USe the source, that's what it's there for. - j -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Radius choices now that freeradius has been dropped from woody.
i agree with you that those side effects are possible, but i really think that the best of the world is a good trade off. We run quite a bunch of debian based systems, all on potato actually, but all of them runs some soft which are needed, form unstable. The thing is to test before pushing the update to the prod servers. this is, i totally agree, sometimes a pain, but this is really , imho, the thing to run with. JeF On Tue, Apr 16, 2002 at 03:03:39AM -0400, Chuck Peters wrote: > On Tue, 16 Apr 2002, J.H.M. Dassen (Ray) wrote: > > > On Tue, Apr 16, 2002 at 00:28:04 -0400, Chuck Peters wrote: > > > One of our techs wants to use freeradius on a production box, but now that > > > it has been dropped from woody I would rather use something else. > > > > Looking at > > http://ftp-master.debian.org/testing/update_excuses.html#radiusd-freeradius > > the one problematic bug can be worked around by compiling from source - you > > could consider having both testing and unstable in the box's sources.list, > > pinning it to testing, but using freeradius from unstable. > > I don't like the idea of doing that on production boxes running multiple > services becuase it seems likely that some security update will cause a > cascade of upgrades or break something. Most of the time unstable stuff > works fine, but sometimes it bites you in the ass. Maybe if we setup a > seperate box running not much other than the freeraduis it could be ok. > > At > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=142217&repeatmerged=yes > it says "radiusd-freeradius is too buggy. This is a grave bug, by Policy > s2.1.2. Maybe it will be ready for Woody+1." > > What does the Woody+1 mean, a minor release/update to woody or does it > mean sid? > > Thanks, > Chuck > > > > > > > > Ray > > -- > > People think I'm a nice guy, and the fact is that I'm a scheming, conniving > > bastard who doesn't care for any hurt feelings or lost hours of work if it > > just results in what I consider to be a better system. > > Linus Torvalds on the linux-kernel list > > > > > > -- > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- -> Jean-Francois Dive --> [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Radius choices now that freeradius has been dropped from woody.
On Tue, Apr 16, 2002 at 03:03:39AM -0400, Chuck Peters wrote: > At > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=142217&repeatmerged=yes > it says "radiusd-freeradius is too buggy. This is a grave bug, by Policy > s2.1.2. Maybe it will be ready for Woody+1." > > What does the Woody+1 mean, a minor release/update to woody or does it > mean sid? It means the next release after woody (i.e. the suite that will be "testing" after woody is released). Sid will never be released. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Radius choices now that freeradius has been dropped from woody.
On Tue, 16 Apr 2002, J.H.M. Dassen (Ray) wrote: > On Tue, Apr 16, 2002 at 00:28:04 -0400, Chuck Peters wrote: > > One of our techs wants to use freeradius on a production box, but now that > > it has been dropped from woody I would rather use something else. > > Looking at > http://ftp-master.debian.org/testing/update_excuses.html#radiusd-freeradius > the one problematic bug can be worked around by compiling from source - you > could consider having both testing and unstable in the box's sources.list, > pinning it to testing, but using freeradius from unstable. I don't like the idea of doing that on production boxes running multiple services becuase it seems likely that some security update will cause a cascade of upgrades or break something. Most of the time unstable stuff works fine, but sometimes it bites you in the ass. Maybe if we setup a seperate box running not much other than the freeraduis it could be ok. At http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=142217&repeatmerged=yes it says "radiusd-freeradius is too buggy. This is a grave bug, by Policy s2.1.2. Maybe it will be ready for Woody+1." What does the Woody+1 mean, a minor release/update to woody or does it mean sid? Thanks, Chuck > > Ray > -- > People think I'm a nice guy, and the fact is that I'm a scheming, conniving > bastard who doesn't care for any hurt feelings or lost hours of work if it > just results in what I consider to be a better system. > Linus Torvalds on the linux-kernel list > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Radius choices now that freeradius has been dropped from woody.
On Tue, Apr 16, 2002 at 00:28:04 -0400, Chuck Peters wrote: > One of our techs wants to use freeradius on a production box, but now that > it has been dropped from woody I would rather use something else. Looking at http://ftp-master.debian.org/testing/update_excuses.html#radiusd-freeradius the one problematic bug can be worked around by compiling from source - you could consider having both testing and unstable in the box's sources.list, pinning it to testing, but using freeradius from unstable. Ray -- People think I'm a nice guy, and the fact is that I'm a scheming, conniving bastard who doesn't care for any hurt feelings or lost hours of work if it just results in what I consider to be a better system. Linus Torvalds on the linux-kernel list -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Radius choices now that freeradius has been dropped from woody.
One of our techs wants to use freeradius on a production box, but now that it has been dropped from woody I would rather use something else. We do want LDAP support and some kind of user accounting to limit users time. What do you all suggest? Thanks, Chuck -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]