Following message appears after a successful installation: * Messages for package net-dialup/freeradius-2.2.0: * Users are no longer read from /etc/raddb/radiusd.conf. Please * configure them in /etc/conf.d/radius instead. [...] This does not work. Reproducible: Always Steps to Reproduce: 1. Install freeradius 2. Setup a test User in /etc/conf.d/radius file 3. Setup a NAS-Client to use RADIUS authentication/authorization 3. run freeradius with debug mode "/usr/sbin/radiusd -X" 4. try to authenticate using freeradius Actual Results: freeradius debug error message: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. Expected Results: Possibly freeradius did not find the user in /etc/conf.d/radius file, it is looking in /etc/raddb/users file instead Remove the hint in the post-installation process because it is not true, or not working in the default configuration.
To make it a bit easier to reproduce this. Use the standard shipped gentoo configuration from freeradius, there is postinstall hint howto extract it. * rename the /etc/raddb/users file in f.e. /etc/raddb/users.old * start radius in debug mode with "/usr/sbin/radiusd -X" receive following error message: --- [...] Module: Instantiating module "files" from file /etc/raddb/modules/files files { usersfile = "/etc/raddb/users" acctusersfile = "/etc/raddb/acct_users" preproxy_usersfile = "/etc/raddb/preproxy_users" compat = "no" } reading pairlist file /etc/raddb/users Couldn't open /etc/raddb/users for reading: No such file or directory Errors reading /etc/raddb/users /etc/raddb/modules/files[7]: Instantiation failed for module "files" /etc/raddb/sites-enabled/default[170]: Failed to find "files" in the "modules" section. /etc/raddb/sites-enabled/default[69]: Errors parsing authorize section. --- Logically gentoo freeradius could not start if the users was not included in /etc/conf.d/radius file.
I removed the those configuration suggestions in 2.2.5 and 3.0.2. Anyone facing the daunting task of configuring radiusd is probably better off reading the full documentation anyway. :)