(RADIATOR) Switch to non root id and logfile ownership
Markus Moeller
huaraz at moeller.plus.com
Sat Feb 23 07:58:33 CST 2008
> Hi,
>
> On Fri, 22 Feb 2008, Markus Moeller wrote:
> </snipp>
>>> I was thinking specifically of the case were radiator tries to
>>> log something before it has read the config and thus parsed
>>> the user and group from the config.
>>>
>>> There are a couple of places in Radius::Configurable::parse where
>>> radiator writes to the log. Radiator also loads perl modules on demand
>>> while parsing the config causing further code to be run.
>>>
>>
>> Fair point. There could be such situations. Ideally just before changeing
>> the uid/gid all already opened logfiles need to change ownership.
>
> radiator does not keep logfiles open. It just opens, appends, closes.
> So one would have to keep track of which logs have already been appended
> to. Easy enough to do but somewhat kludgy.
>
> In cases where it matters I prefer to just start radiator with the
> correct uid/gid out of the startup scripts using su.
>
su doesn't work in my case as I run Radiator as TACAC+ server. It then
listens on port 49 and only root has access to that port.
> Greetings
> Christian
>
> --
> Christian Kratzer CK Software GmbH
> Email: ck at cksoft.de Schwarzwaldstr. 31
> Phone: +49 7452 889 135 D-71131 Jettingen
> Fax: +49 7452 889 136 HRB 245288, Amtsgericht Stuttgart
> Web: http://www.cksoft.de/ Geschaeftsfuehrer: Christian
> Kratzer
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
Regards
Markus
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list