(RADIATOR) Permission deny on logfile when running as non root

Markus Moeller huaraz at moeller.plus.com
Wed Jan 30 16:44:32 CST 2008 

That is possible but I would expect the daemon to change the file ownership 
before switching id.

Thanks
Markus

----- Original Message ----- 
From: "Hugh Irvine" <hugh at open.com.au>
To: "Markus Moeller" <huaraz at moeller.plus.com>
Cc: <radiator at open.com.au>
Sent: Wednesday, January 30, 2008 9:45 PM
Subject: Re: (RADIATOR) Permission deny on logfile when running as non root


>
> Hello Markus -
>
> Here are a couple of suggestions:
>
> Make sure the logfile exists with the appropriate permissions before 
> starting
>
> Set the umask of the Radiator process (or a parent), so that the  logfile 
> is
> created with appropriate default permissions
>
> regards
>
> Hugh
>
>
> On 31 Jan 2008, at 07:22, Markus Moeller wrote:
>
>> If I configure raditor to switch user and group to non root I get  the 
>> following error when starting up the daemon. The directory was  empty and 
>> my other logfiles (authlog, etc) are created OK, whereas  this seems to 
>> be created when the process has root privs and once  switched to non root 
>> can not access anymore the logfile.
>>
>> Could not append 'Wed Jan 30 17:53:44 2008: DEBUG: Creating 
>> authentication port 0.0.0.0:1645' to log file '/var/log/radius/ logfile': 
>> Permission
>> denied at /usr/perl5/site_perl/5.8.4/Radius/LogFILE.pm line 81.
>> Is that a configuration issue ?
>>
>> Thank you
>> Markus
>
>
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive (www.open.com.au/archives/ 
> radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
> Have you checked the RadiusExpert wiki:
> http://www.open.com.au/wiki/index.php/Main_Page
>
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> Includes support for reliable RADIUS transport (RadSec),
> and DIAMETER translation agent.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> 

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list