Kevin Hanser <[EMAIL PROTECTED]> wrote: > So I changed my setup to run the radiusd daemon as root, and tested > again. Sure enough, if radiusd is run as root, I can authenticate > against the system.
Which is why the default is to run as root. See the "user" directive in radiusd.conf, and the comments above it. The only thing missing in the comments is that you might have to create a shadow group, and make /etc/shadow readable by that group. > So now my question is: What security concerns should I have if I run > the radiusd as root? Is there another way to do this that doesn't > require radiusd to run as root? See the comments in radiusd.conf. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
