[RADIATOR] logfile permissions
Klara Mall
klara.mall at kit.edu
Sun Apr 10 18:14:05 CDT 2011
Hi,
I noticed that there's a problem when you start radiator for the
first time (i.e. with nonexistent logfile) and User is set to some
non-root user. The logfile is created when radiator is still running
as root (at least when debug log is enabled), so it's not writable
anymore for the radiator process after the effective user id has
been changed.
What I did to fix it:
--- a/Radius/ServerConfig.pm
+++ b/Radius/ServerConfig.pm
@@ -530,9 +530,24 @@
# Only change if it not the same already
if ($> != $uid)
{
- $> = $uid;
- $self->log($main::LOG_ERR, "Could not set User to $self->{User} (got $>): $!")
- unless $> == $uid;
+ # Try to change log file owner first if log file exists
+ my $logfile = &Radius::Util::format_special($self->{LogFile});
+ if (-e $logfile) {
+ my $cnt = chown $uid, -1, $logfile;
+ if ($cnt == 1) {
+ $> = $uid;
+ $self->log($main::LOG_ERR, "Could not set User to $self->{User} (got $>): $!")
+ unless $> == $uid;
+ }
+ else {
+ $self->log($main::LOG_ERR, "Could not change log file $logfile owner to $self->{User}: $!");
+ }
+ }
+ else {
+ $> = $uid;
+ $self->log($main::LOG_ERR, "Could not set User to $self->{User} (got $>): $!")
+ unless $> == $uid;
+ }
}
}
else
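Review bot: in the inner else branch (chown did not return 1), the assignment $> = $uid is never reached, so a failed chown leaves the server running with its original effective uid (root, per the description above) and only logs an error. Treat the chown as best effort: log its failure, then do the $> = $uid assignment and its "unless $> == $uid" check once, unconditionally, which also removes the three copies of that block. Separately, "-e $logfile" followed by "chown $uid, -1, $logfile" acts on a path while still privileged and follows symlinks; requiring a regular file that is not a symlink (-f and not -l), or chowning an already opened handle, would narrow that.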
Regards
Klara
--
Karlsruher Institut für Technologie (KIT)
Steinbuch Centre for Computing (SCC)
Klara Mall
Netze und Kommunikation (NET)
Hermann-von-Helmholtz-Platz 1
76344 Eggenstein-Leopoldshafen
Phone: +49 721 608-28630
E-Mail: klara.mall at kit.edu
Web: http://www.scc.kit.edu
KIT - University of the State of Baden-Württemberg and
National Research Center of the Helmholtz Association