NAS info + MySQL

Marcin Jessa lists at yazzy.org
Tue Jun 7 00:55:57 CEST 2005


On Mon, 06 Jun 2005 18:13:32 -0400
"Alan DeKok" <aland at ox.org> wrote:

> Marcin Jessa <lists at yazzy.org> wrote:
> > The way I understand it, say a PHP script used to HUP radiusd would get executed as the httpd user. In that case the httpd deamon would need to be added to the sudoers group like this:
> > www     your.server = NOPASSWD: /usr/local/sbin/radiusd
> > How else can this be done?
> 
>   Huh?  why would you permit user www to run radiusd?
> 
>   You need to send a HUP signal to radiusd.  You don't need to run it.
> 


I never said I want to run radiusd as www user.
Web scripts get executed as the www user. That way I need to grand apache access to HUP radiusd and that can be done with sudo adding www user to the sudoers file and allowing it to exec /usr/local/sbin/radiusd.
That is the only solution I can think of to be able to HUP radiusd running a script from web interface.
That's the whole point, I wished there was a better way to do that. 
The perfect solution would be to have radiusd reread the nas table when it gets changed.

Cheers,
Marcin



More information about the Freeradius-Users mailing list