SOLVED: Found the problem. It's the dreaded SELinux. It's tripping over one of the policies.

Ted Lum wrote:
Wow, had to look at that for a while before I spotted the difference. Mine, however, already uses {}, so that's not it either. Thanks though.

-Ted-

Romain Mercier wrote:
Hi,

I got the same issue and I solved it by modifying the file:
/usr/local/etc/raddb/radiusd.conf

I replaced the line:
db_dir = $(raddbdir)

By:
db_dir = ${raddbdir}

I use FreeRADIUS 2.0.5 on FreeBSD 6.3.


[EMAIL PROTECTED] wrote:
Message: 2
Date: Thu, 13 Nov 2008 18:21:17 -0500
From: Ted Lum <[EMAIL PROTECTED]>
Subject: Re: rlm_counter: Failed to open file /etc/raddb/db.daily: Permission denied
To: Alan DeKok <[EMAIL PROTECTED]>
Cc: FreeRadius users mailing list
    <[email protected]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

The default user and group have not been modified.
The server DOES NOT run as root. It always starts as root, but changes itself.

...from radiusd.conf
# We STRONGLY recommend that you run the server with as few permissions
#   as possible.  That is, if you're not using shadow passwords, the
#   user and group items below should be set to radius'.

 They are:

user = radiusd
group = radiusd

In fact, the db.daily file was created by the application and this is the sole reason for the file's ownership being what it is.

In addition I have moved the location to /tmp where everyone has permission and it still fails.

This is a ps after "service start radiusd":
UID        PID  PPID  C STIME TTY          TIME CMD
radiusd   6909     1  0 Nov12 ?        00:00:00 /usr/sbin/radiusd

This is a ps after "/usr/sbin/radiusd -X":
UID        PID  PPID  C STIME TTY          TIME CMD
radiusd   6998  6933  5 15:48 pts/0    00:00:00 /usr/sbin/radiusd -X

This is a ps after "strace /usr/sbin/radiusd":
UID        PID  PPID  C STIME TTY          TIME CMD
radiusd   7004     1  0 15:50 ?        00:00:00 /usr/sbin/radiusd

In all cases it's running as radiusd.

So, any more ideas on how to fix this?

-Ted-

Alan DeKok wrote:
Ted Lum wrote:
Any idea how to fix this?
  Don't edit the default configuration files to break them.

  The default configuration files have the server running as root.
You've changed that to a user who does NOT have permission to read the
configuration files.

Wed Nov 12 21:29:16 2008 : Error: rlm_counter: Failed to open file
/etc/raddb/db.daily: Permission denied
...
/etc/raddb
-rw-------  1 radiusd radiusd 12312 Nov 12 21:29 db.daily
  The server isn't running as user "radiusd/radiusd".  Fix that.

This works:
# /usr/sbin/radiusd -X
  Because you're running it as root.

This works:
# strace /usr/sbin/radiusd
  Because you're running it as root.

This does not work:
# service radiusd start
Starting RADIUS server:                                    [FAILED]
  Because it changes UID's, and does not run as root.

  Alan DeKok.





--



Romain Mercier

Université d'Angers - Direction des Systèmes d'Information
Service Systèmes et Réseaux
Tel/Fax : 02-41-22-67-62/51
@ : [EMAIL PROTECTED]


--
This message has been scanned for viruses and
dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
believed to be clean.
------------------------------------------------------------------------

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
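
One way to confirm the diagnosis at the top of this thread, when ownership and mode look correct yet the open still fails with "Permission denied", is to look for SELinux AVC denials logged for radiusd. This is an added example, not code from the thread or from FreeRADIUS; the audit records, the SELinux type names (radiusd_t, etc_t, tmp_t) and the function names are constructed assumptions.

```python
import re

# Constructed sample audit records (not from the thread); type names and
# paths are assumptions chosen to mirror the symptoms described above.
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1226618477.101:412): avc:  denied  { read write } for  pid=6909 comm="radiusd" name="db.daily" dev=dm-0 ino=131077 scontext=system_u:system_r:radiusd_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
type=AVC msg=audit(1226618590.220:430): avc:  denied  { create } for  pid=6950 comm="radiusd" name="db.daily" scontext=system_u:system_r:radiusd_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=file
type=AVC msg=audit(1226618601.007:431): avc:  denied  { getattr } for  pid=2210 comm="httpd" path="/srv/www/index.html" dev=dm-0 ino=99 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:default_t:s0 tclass=file
type=SYSCALL msg=audit(1226618477.101:412): arch=40000003 syscall=5 success=no exit=-13 comm="radiusd" exe="/usr/sbin/radiusd"
"""

AVC_RE = re.compile(
    r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<fields>.*)$')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc_denials(log_text, comm="radiusd"):
    """Return one dict per AVC denial logged for the given process name."""
    denials = []
    for line in log_text.splitlines():
        if not line.startswith("type=AVC"):
            continue  # SYSCALL and other record types carry no avc: payload
        m = AVC_RE.search(line)
        if not m:
            continue
        fields = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group("fields"))}
        if fields.get("comm") != comm or "scontext" not in fields \
                or "tcontext" not in fields:
            continue
        denials.append({
            "perms": m.group("perms").split(),
            "object": fields.get("path") or fields.get("name"),
            # A context is user:role:type:level; the type decides the policy rule
            "source_type": fields["scontext"].split(":")[2],
            "target_type": fields["tcontext"].split(":")[2],
            "tclass": fields.get("tclass"),
        })
    return denials

def summarize(denials):
    """Group denied permissions by (source type, target type, class)."""
    summary = {}
    for d in denials:
        key = (d["source_type"], d["target_type"], d["tclass"])
        summary.setdefault(key, set()).update(d["perms"])
    return summary

if __name__ == "__main__":
    for (src, tgt, cls), perms in summarize(parse_avc_denials(SAMPLE_AUDIT_LOG)).items():
        print(f"{src} -> {tgt}:{cls} denied {{ {' '.join(sorted(perms))} }}")
```

On a live system the same records are read from /var/log/audit/audit.log. Denials that name the daemon's domain while the file's owner and mode are correct mean the fix belongs in file labels or policy, not in chmod/chown.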



