Adam Osuchowski wrote: > what exactly should be placed in directory which freeradius 2.1 chroots > to? I tried to configure chrooted environment for freeradius and I had > to place all rlm_*.so (along with dependencies) and dictionary.* files > inside chroot directory because chroot() is called earlier than these > files are read.
Yes. > Even if I put modules names in instantiate section, it > doesn't help. Also, putting these files under current directory is not > a solution due to modules dependencies. Am I doing something wrong > or it is impossible to jail freeradius into empty (or containing only > /dev/log and /dev/urandom devices) directory? The server needs a lot of files in order for it to work properly. Deleting *everything* in a chroot is just too problematic. > IMHO, it would be more logical to chroot after all initialization work > was done and all files have been read. Great. Fix it, and send a patch. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
