(RADIATOR) Ownership of logfiles
Hugh Irvine
hugh at open.com.au
Wed Aug 13 05:48:54 CDT 2003
Hello Andrew -
Your analysis is correct - so is your workaround.
I have copied this mail to Mike who may have additional comments.
regards
Hugh
On Wednesday, Aug 13, 2003, at 19:04 Australia/Melbourne, Andrew
Stevenson wrote:
> Hi,
>
> I am having a problem with the ownership of radiator log files. I think
> what's going on is this:
>
> 1) I start radiator as root.
> 2) radiator creates a new logfile, owned by root, permissions set to
> 644.
> 3) radiator closes this log file.
> 4) radiator setuid and setgids according to the User and Group
> directives
> in my config file.
> 5) radiator tries to open the file for writing and gets permission
> denied.
>
> The net effect is I get written to the log file Wed Aug 13 18:57:05
> 2003:
> DEBUG: Finished reading configuration file '/blah/config.cfg'
>
> and on stderr lines like:
>
> Could not append 'Wed Aug 13 18:57:05 2003: DEBUG: Reading dictionary
> file
> '/usr/local/etc/radiator/raddb/dictionary'' to log file
> '/var/log/blah/logfile-20030813': Permission denied at
> /usr/local/lib/perl5/site_perl/5.8.0/Radius/LogFILE.pm line 74.
>
>
> Is my guessing correct? Is this a configuration problem or just a bug?
> I
> can work around it by creating the log file before running radiator for
> the first time (and later log file creation happens after setuid).
>
> Thanks,
>
> Andrew
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list