After an update of IPFire to core183, Freeradius refuses to start. No logs are written. Manual debugging shows a version mismatch of libssl and freeradius: # /usr/sbin/radiusd -X -d /etc/raddb libssl version mismatch. built: 30100020 linked: 30200010 Thanks for reading.
Can you try to back up your configuration, uninstall the package and install it again, please?
@Michael If freeradius is linked to openssl then presumably freeradius has to have its PAK_VER bumped and be shipped with the core update. If my understanding is correct then I can do a patch submission to bump and ship freeradius for CU184.
Yes, this would be the fix. A reinstall would confirm that. I forgot to mention that it would be a good idea to empty the package cache in /var/cache/pakfire before install.
What do I have to do to reinstall only the patched freeradius package? Can I leave IPFire as it is and do only a reinstall of freeradius? Will the freeradius configuration be affected/deleted?
(In reply to datamorgana from comment #4) > Will the freeradius configuration be affected/deleted? It should be automatically be backed up, but just to be sure, have a backup. > What do I have to do to reinstall only the patched freeradius package? > Can I leave IPFire as it is and do only a reinstall of freeradius? Yes, you only need to reinstall the freeradius package.
Thanks! And how will I receive notice of the newly updated freeradius package? Will it be listed in Packfire's "Available Updates" after a click on "Refresh List" while still having not uninstalled the package, or do I need to uninstall the package first and "Refresh List" or just wait?
(In reply to Michael Tremer from comment #3) > Yes, this would be the fix. A reinstall would confirm that. > > I forgot to mention that it would be a good idea to empty the package cache > in /var/cache/pakfire before install. # ls -la freeradius* -rw-r--r-- 1 root root 2403485 Nov 18 2020 freeradius-3.0.21-12.ipfire -rw-r--r-- 1 root root 2403944 Mar 28 2021 freeradius-3.0.21-13.ipfire -rw-r--r-- 1 root root 1925542 Oct 25 2021 freeradius-3.0.23-14.ipfire -rw-r--r-- 1 root root 1946169 Nov 4 2022 freeradius-3.0.23-15.ipfire -rw-r--r-- 1 root root 1945708 Mar 7 2023 freeradius-3.0.23-16.ipfire -rw-r--r-- 1 root root 1969214 Jun 17 2023 freeradius-3.0.26-17.ipfire -rw-r--r-- 1 root root 1975527 Jul 19 2023 freeradius-3.0.26-18.ipfire -rw-r--r-- 1 root root 1999033 Oct 13 16:49 freeradius-3.2.3-19.ipfire All of them, or just freeradius-3.0.21-12.ipfire?
(In reply to datamorgana from comment #7) > (In reply to Michael Tremer from comment #3) > All of them, or just freeradius-3.0.21-12.ipfire? Sorry, I meant the latest, freeradius-3.2.3-19.ipfire but it would probably safe to just delete all.
All is fine. The older ones won't be used anyways.
freeradius patch with incremented PAK_VER has been submitted. https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/thread/7MP72LCWTEXMU3NQW63XNHQY7R46STWX/ https://patchwork.ipfire.org/project/ipfire/patch/20240215204757.3824207-1-adolf.belka@ipfire.org/
Merged into master.
I did a successful re-install of the addon freeradius-3.2.3-19. Tests with the patched freeradius were also successful. Thanks a lot! I will set the issue to CLOSED / FIXED.
After update to "IPFire 2.29 (x86_64) - Core-Update 195" on 2025-07-03, Freeradius won't start. Here is the debug log, captured with: # /usr/sbin/radiusd -X 2>&1 | tee /var/log/radius/debug.1.log libssl version mismatch. built: 30400000 linked: 30500000 Reopening bug #13590 from 2024-02-15 16:26:02 UTC Thanks
Reopened.
(In reply to datamorgana from comment #14) > Reopened. Thank you. This will be fixed in c196.
The bumped radius is available via CU196 Testing.
This can only be tested by a user that already had freeradius installed in CU194 prior to the latest bump. In any of my testing with CU195 or CU196 installing freeradius gives a working system as the install uses the bumped version with the correct openssl version. Testing confirmation will need to be carried out by the original bug reporter.
So this time it doesn't suffice to delete the cached /var/cache/pakfire/freeradius-3.2.6-23.ipfire, does it? Unfortunately I do not have a testing environment for IPFire, so if you could be so kind and direct me to the bumped version of freeradius-3.2.6-23.ipfire so that I can install, test and confirm it. Thanks.
(In reply to datamorgana from comment #18) > So this time it doesn't suffice to delete the cached > /var/cache/pakfire/freeradius-3.2.6-23.ipfire, does it? Unfortunately I do > not have a testing environment for IPFire, so if you could be so kind and > direct me to the bumped version of freeradius-3.2.6-23.ipfire so that I can > install, test and confirm it. Thanks. You can delete the cached version and re-install and it will fix your problem but I am not sure if it tests the change we have made or not. The simplest way would be to change the system to the Testing version and see if that fixed it but if that is something that you can't do then I think we will have to leave it as it is. The change is simple enough that I am certain it will fix this problem.
https://www.ipfire.org/blog/ipfire-2-29-core-update-196-released