Freeradius DHCP and "Failed adding ARP entry: Failed to add entry in ARP cache: Operation not permitted (1)"
Alan DeKok
aland at deployingradius.com
Mon Aug 2 13:58:14 CEST 2021
On Aug 1, 2021, at 5:18 PM, CpServiceSPb <cpservicespb at gmail.com> wrote:
>
> I tried sudo setcap cap_net_admin=ei /usr/sbin/freeradius.
> Then I checked that it is set up by getcap /usr/sbin/freeradius and it was
> /usr/sbin/freeradius = cap_net_admin+ei
That should work.
> But there is still Failed adding ARP entry: Failed to add entry in ARP
> cache: Operation not permitted (1)
It might be an issue with the OS. Maybe also try upgrading FreeRADIUS.
But... this is all complex, and to be honest, Linux capabilities are not entirely simple. We're doing our best, but it's impossible to know for sure if it works everywhere.
> Also I tried to freerad ALL = (root) NOPASSWD: /usr/sbin/arp to sudoers.d
> file, result is negative.
The server doesn't run the "arp" command. That change isn't necessary.
> Only launching from root user (commenting user = freerad) helps.
> But I don' t run it from root.
You shouldn't run it as root.
Alan DeKok.
More information about the Freeradius-Users
mailing list