On Mon, Nov 18, 2002 at 09:36:38PM +1100, Adrian Chadd wrote: > >.. > >auth: type "System" > >modcall: entering group authenticate > >rlm_unix: got: * > >rlm_unix: [tom2]: invalid password > >.. > > > > Under FreeBSD, the getpwent manpage says this: > > These routines have been written to ``shadow'' the password file, > e.g. > allow only certain programs to have access to the encrypted > password. If > the process which calls them has an effective uid of 0, the > encrypted > password will be returned, otherwise, the password field of the > returned > structure will point to the string `*'. > > ... and I bet you're not running radiusd as root. If you can coax the > radius server to > run as root, just as a test, see what happens. If it still doesn't work > I'll be quite surprised.
yes, it works when running as root. In the meantime I found another solution: I configured the passwd file in radiusd to be /etc/master.passwd, chowned /etc/master.passwd to daemon (+ chmod 600) and run radiusd as daemon. This works well. From the security point of view this is no problem, since the radius daemon runs inside a chroot anyway. kind regards and thanks a lot, Tom -- Thomas Linden <[EMAIL PROTECTED]>, I Z B Informatik-Zentrum Muenchen-Frankfurt a.M. GmbH & Co.KG, Internet Service Providing OE532 Tel:089/2171-27998, Fax:089/2171-27995, http://www.izb.de - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
