Hi, I've tried to, temporarely, run the radius-server with main: user = "root" with success.
I've checked the permissions on the following file & folders but I know too little about file- & folderpermissions in Linux. I hope somebody can help me spot any problems! # ls -la /etc/raddb/ -rw-r--r-- 1 root radiusd 422 Oct 5 02:13 acct_users -rw-r--r-- 1 root radiusd 3454 Oct 5 02:13 attrs drw-r----- 3 root radiusd 472 Jan 11 14:36 certs drw-r----- 3 root root 472 Jan 11 15:30 certs_backup -rw-r----- 1 root radiusd 3003 Jan 11 15:19 clients.conf -rw-r--r-- 1 root root 3004 Jan 11 14:39 clients.conf~ -rw-r--r-- 1 root root 3280 Jan 11 16:28 debug.txt -rw-r--r-- 1 root radiusd 929 Oct 5 02:13 dictionary -rw-r----- 1 root radiusd 9098 Jan 11 16:46 eap.conf -rw-r--r-- 1 root root 9099 Jan 11 15:47 eap.conf~ -rw-r--r-- 1 root radiusd 2396 Oct 5 02:13 hints -rw-r--r-- 1 root radiusd 1604 Oct 5 02:13 huntgroups -rw-r--r-- 1 root radiusd 2333 Oct 5 02:13 ldap.attrmap -rw-r----- 1 root radiusd 9330 Oct 5 02:13 mssql.conf -rw-r----- 1 root radiusd 856 Oct 5 02:13 naspasswd -rw-r----- 1 root radiusd 14108 Oct 5 02:13 postgresql.conf -rw-r----- 1 root radiusd 531 Oct 5 02:13 preproxy_users -rw-r----- 1 root radiusd 8862 Oct 5 02:13 proxy.conf -rw-r--r-- 1 root radiusd 57046 Jan 14 15:23 radiusd.conf -rw-r--r-- 1 root root 57059 Jan 14 15:16 radiusd.conf~ -rw-r----- 1 root radiusd 1405 Oct 5 02:13 snmp.conf -rw-r----- 1 root radiusd 13892 Oct 5 02:13 sql.conf -rw-r----- 1 root radiusd 7068 Jan 11 15:29 users -rw-r--r-- 1 root root 7028 Jan 11 14:41 users~ -rw-r--r-- 1 root radiusd 7267 Oct 5 02:13 x99.conf -rw-r----- 1 root radiusd 4165 Oct 5 02:13 x99passwd.sample # ls -la /etc/raddb/certs/ -rw-r----- 1 root radiusd 431 Oct 5 02:14 README -rw-r----- 1 root radiusd 721 Oct 5 02:14 cert-clt.der -rw-r----- 1 root radiusd 1741 Oct 5 02:14 cert-clt.p12 -rw-r----- 1 root radiusd 2452 Oct 5 02:14 cert-clt.pem -rw-r----- 1 root radiusd 717 Oct 5 02:14 cert-srv.der -rw-r----- 1 root radiusd 1733 Oct 5 02:14 cert-srv.p12 -rw-r----- 1 root radiusd 2439 Oct 5 02:14 cert-srv.pem drw-r----- 2 root radiusd 200 Jan 11 14:36 demoCA -rw-r----- 1 root radiusd 0 Oct 5 02:14 dh -rw-r----- 1 root radiusd 2913 Oct 5 02:14 newcert.pem -rw-r----- 1 root radiusd 1753 Oct 5 02:14 newreq.pem -rw-r----- 1 root radiusd 1024 Oct 5 02:14 random -rw-r----- 1 root radiusd 954 Oct 5 02:14 root.der -rw-r----- 1 root radiusd 1973 Oct 5 02:14 root.p12 -rw-r----- 1 root radiusd 2764 Oct 5 02:14 root.pem # ls -la /etc/raddb/certs/demoCA/ -rw-r----- 1 root radiusd 1346 Oct 5 02:14 cacert.pem -rw-r----- 1 root radiusd 276 Oct 5 02:14 index.txt -rw-r----- 1 root radiusd 140 Oct 5 02:14 index.txt.old -rw-r----- 1 root radiusd 3 Oct 5 02:14 serial -rw-r----- 1 root radiusd 3 Oct 5 02:14 serial.old //Thomas -----Original Message----- From: [EMAIL PROTECTED] on behalf of Zoltan Ori Sent: Thu 2005-01-13 18:43 To: [email protected] Cc: Subject: Re: Permission denied on certificate-files On Thursday 13 January 2005 09:16, Hedenborg Thomas wrote: > Don't you mean that root is the main user? > > -rw-r--r-- 1 root radiusd 1346 Oct 5 02:14 certs/demoCA/cacert.pem > > main: user = "radiusd" > main: group = "radiusd" It came from the debug listing you posted. If, when logged in a terminal session as user 'radiusd', you can read '/etc/raddb/certs/demoCA/cacert.pem', then your problem might be elsewhere. If you can't read it, then something is wrong with permissions. I don't think you want to run the server as root. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
<<winmail.dat>>
