radiusd: Create rundir via SMF method script.

net/freeradius/Makefile

@@ -3,6 +3,7 @@
 .include "Makefile.common"
 
 PKGNAME=	${DISTNAME:S/-server//}
+PKGREVISION=	1
 COMMENT=	Free RADIUS server implementation
 
 BUILD_DEFS+=		VARBASE
@@ -29,6 +30,7 @@ CONFIGURE_ARGS+=	--without-rlm_sql_postgresql
 CONFIGURE_ARGS+=	--without-rlm_sql_unixodbc
 
 RCD_SCRIPTS=		radiusd
+SMF_METHODS=		radiusd
 RADIUS_GROUP?=		radiusd
 RADIUS_USER?=		radiusd
 PKG_GROUPS=		${RADIUS_GROUP}
@@ -42,6 +44,12 @@ OWN_DIRS_PERMS+=	${VARBASE}/run/radiusd \
 
 PKG_SYSCONFSUBDIR=	raddb
 
+SUBST_CLASSES+=		secconf
+SUBST_STAGE.secconf=	post-configure
+SUBST_MESSAGE.secconf=	Substituting user and group in radiusd.conf
+SUBST_FILES.secconf=	raddb/radiusd.conf
+SUBST_VARS.secconf=	RADIUS_USER RADIUS_GROUP
+
 FILES_SUBST+=		RADIUS_USER=${RADIUS_USER} RADIUS_GROUP=${RADIUS_GROUP}
 MESSAGE_SUBST+=		BOOTSTRAP=${PKG_SYSCONFDIR}/certs/bootstrap
 

net/freeradius/distinfo

@@ -8,4 +8,5 @@ SHA1 (patch-ai) = e32ffd24b93e2cef2e72ef9a8ea59d49e1571dc0
 SHA1 (patch-configure.ac) = ffec1f851d23f560797c12eba5092f2940e4d662
 SHA1 (patch-main_command.c) = 1c79b29eb13df341906c710c8dd41860a27473dd
 SHA1 (patch-main_util.c) = e8814255c32c8469e81d62f2c7092e8d42744e85
+SHA1 (patch-raddb_radiusd.conf.in) = 353cbed35013777bf055a77cc610b50a637ae7b7
 SHA1 (patch-src_lib_udpfromto.c) = 2457f0a7223b1f3ef86d0af020290b26380e6319

net/freeradius/files/smf/manifest.xml

@@ -19,10 +19,8 @@
     <dependency name='system-log' grouping='optional_all' restart_on='none' type='service'>
       <service_fmri value='svc:/system/system-log' />
     </dependency>
-    <method_context>
-      <method_credential user='@RADIUS_USER@' group='@RADIUS_GROUP@' />
-    </method_context>
-    <exec_method name='start' type='method' exec='@PREFIX@/sbin/radiusd' timeout_seconds='60' />
+    <method_context></method_context>
+    <exec_method name='start' type='method' exec='@PREFIX@/@SMF_METHOD_FILE.radiusd@' timeout_seconds='60' />
     <exec_method name='stop' type='method' exec=':kill' timeout_seconds='60' />
     <property_group name='startd' type='framework'>
       <propval name='ignore_error' type='astring' value='core,signal' />

net/freeradius/files/smf/radiusd.sh

@@ -0,0 +1,14 @@
+#!@SMF_METHOD_SHELL@
+#
+# $NetBSD: radiusd.sh,v 1.1 2020/04/11 16:17:42 ??? Exp $
+#
+
+. /lib/svc/share/smf_include.sh
+
+if [ ! -d @VARBASE@/run/radiusd ]; then
+	@MKDIR@ @VARBASE@/run/radiusd
+	@CHMOD@ 0750 @VARBASE@/run/radiusd
+	@CHOWN@ @RADIUS_USER@:@RADIUS_GROUP@ @VARBASE@/run/radiusd
+fi
+
+@PREFIX@/sbin/radiusd "$@"

net/freeradius/patches/patch-raddb_radiusd.conf.in

@@ -0,0 +1,17 @@
+$NetBSD: patch-raddb_radiusd.conf.in,v 1.2 2020/04/14 14:03:13 ??? Exp $
+
+Update example radiusd.conf to include the correct user/group
+
+--- raddb/radiusd.conf.in.orig	2020-04-15 11:59:38.209113301 +0000
++++ raddb/radiusd.conf.in	2020-04-15 12:00:19.973538936 +0000
+@@ -501,8 +501,8 @@
+ 	#  member.  This can allow for some finer-grained access
+ 	#  controls.
+ 	#
+-#	user = radius
+-#	group = radius
++	user = @RADIUS_USER@
++	group = @RADIUS_GROUP@
+
+ 	#  Core dumps are a bad thing.  This should only be set to
+ 	#  'yes' if you're debugging a problem with the server.