OK, I have changed the ownership of the following files from root:root to root:radiusd<div><br></div><div>server.pem</div><div>ca.pem</div><div>random</div><div>dh</div><div><br></div><div>and now radiusd -X is working.</div>
<div><br></div><div>The problem arisen because the root:root permissions on the abovementioned files.</div><div><br></div><div><br></div><div>Will get back to you for either further questions and or a success message.</div>
<div><br></div><div>Thank you Alan</div><div><br></div><div>George Knight</div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br><br><div class="gmail_quote">On Thu, May 1, 2008 at 1:06 PM, George KNIGHT <<a href="mailto:georgeknight@gmail.com">georgeknight@gmail.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">Permissions are as follow;<div><br></div><div><br><div><br></div><div><div>comp-010:/etc/raddb # dir</div><div>total 289</div>
<div>-rw-r----- 1 root radiusd 718 2008-02-14 10:35 acct_users</div><div>-rw-r----- 1 root radiusd 4187 2008-02-14 10:35 attrs</div>
<div>-rw-r----- 1 root radiusd 516 2008-02-14 10:35 attrs.access_reject</div><div>-rw-r----- 1 root radiusd 501 2008-02-14 10:35 attrs.accounting_response</div><div>-rw-r----- 1 root radiusd 1969 2008-02-14 10:35 attrs.pre-proxy</div>
<div>drwxr-x--- 2 root radiusd 680 2008-04-30 17:48 certs</div><div>-rw-r----- 1 root radiusd 6727 2008-04-30 12:06 clients.conf</div><div>-rw-r----- 1 root radiusd 929 2008-02-14 10:35 dictionary</div><div>-rw-r----- 1 root radiusd 13648 2008-04-30 17:53 eap.conf</div>
<div>-rw-r----- 1 root root 13647 2008-04-25 14:01 eap.conf.orig</div><div>-rw-r----- 1 root radiusd 4609 2008-02-14 10:35 example.pl</div><div>-rw-r----- 1 root radiusd 14536 2008-02-14 10:35 experimental.conf</div>
<div>
-rw-r----- 1 root radiusd 2396 2008-02-14 10:35 hints</div><div>-rw-r----- 1 root radiusd 1604 2008-02-14 10:35 huntgroups</div><div>-rw-r----- 1 root radiusd 2985 2008-02-14 10:35 ldap.attrmap</div><div>-rw-r----- 1 root radiusd 3357 2008-02-14 10:35 otp.conf</div>
<div>-rw-r----- 1 root radiusd 1204 2008-02-14 10:35 policy.conf</div><div>-rw-r----- 1 root radiusd 4922 2008-02-14 10:35 policy.txt</div><div>-rw-r----- 1 root radiusd 1035 2008-02-14 10:35 preproxy_users</div><div>
-rw-r----- 1 root radiusd 17889 2008-02-14 10:35 proxy.conf</div>
<div>-rw-r----- 1 root radiusd 60371 2008-04-30 12:18 radiusd.conf</div><div>-rw-r----- 1 root root 60371 2008-04-25 13:14 radiusd.conf.orig</div><div>drwxr-xr-x 2 root root 120 2008-04-25 10:17 sites-available</div>
<div>drwxr-xr-x 2 root root 72 2008-04-25 10:17 sites-enabled</div><div>-rw-r----- 1 root radiusd 1276 2008-02-14 10:35 snmp.conf</div><div>drw-r----- 6 root radiusd 152 2008-02-14 10:35 sql</div><div>-rw-r----- 1 root radiusd 2533 2008-02-14 10:35 sql.conf</div>
<div>-rw-r----- 1 root radiusd 1988 2008-02-14 10:35 sqlippool.conf</div><div>-rw-r----- 1 root radiusd 3503 2008-02-14 10:35 templates.conf</div><div>-rw-r----- 1 root radiusd 6603 2008-04-30 15:50 users</div><div>comp-010:/etc/raddb # dir ./certs</div>
<div>total 104</div><div>-rw-r----- 1 root root 4210 2008-04-25 10:17 01.pem</div><div>-rwxr-x--- 1 root radiusd 524 2008-02-14 10:35 bootstrap</div><div>-rw-r----- 1 root radiusd 1155 2008-02-14 10:35 ca.cnf</div><div>
-rw-r----- 1 root root 1743 2008-04-25 10:17 ca.key</div><div>-rw-r----- 1 root root 1322 2008-04-25 10:17 ca.pem</div><div>-rw-r----- 1 root radiusd 1109 2008-02-14 10:35 client.cnf</div><div>-rw-r----- 1 root root 245 2008-04-25 10:18 dh</div>
<div>-rw-r----- 1 root root 120 2008-04-25 10:17 index.txt</div><div>-rw-r----- 1 root root 21 2008-04-25 10:17 index.txt.attr</div><div>-rw-r----- 1 root root 0 2008-04-25 10:17 index.txt.old</div><div>-rw-r----- 1 root radiusd 4430 2008-02-14 10:35 Makefile</div>
<div>-rw-r----- 1 root root 5120 2008-04-25 10:18 random</div><div>-rw-r----- 1 root radiusd 5343 2008-02-14 10:35 README</div><div>-rw-r----- 1 root root 3 2008-04-25 10:17 serial</div><div>-rw-r----- 1 root root 3 2008-04-25 10:17 serial.old</div>
<div>-rw-r----- 1 root radiusd 1123 2008-02-14 10:35 server.cnf</div><div>-rw-r----- 1 root root 4210 2008-04-25 10:17 server.crt</div><div>-rw-r----- 1 root root 1062 2008-04-25 10:17 server.csr</div><div>-rw-r----- 1 root root 1743 2008-04-25 10:17 server.key</div>
<div>-rw-r----- 1 root root 2525 2008-04-25 10:17 server.p12</div><div>-rw-r----- 1 root root 3495 2008-04-25 10:17 server.pem</div><div>-rw-r----- 1 root radiusd 578 2008-02-14 10:35 xpextensions</div><div>comp-010:/etc/raddb #</div>
<div><br></div><div><br></div><div><br></div><div>Thank you.</div><div>George</div><font color="#888888"><div><br></div><div><br></div><div><br></div></font></div><div><div></div><div class="Wj3C7c"><div><br></div><div><br>
<div class="gmail_quote">On Thu, May 1, 2008 at 12:47 PM, Alan DeKok <<a href="mailto:aland@deployingradius.com" target="_blank">aland@deployingradius.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>George KNIGHT wrote:<br>
> Running radiusd -X command as a root gives me the following error<br>
> message as I posted here yesterday;<br>
<br>
</div> And the permissions on that directory are... ?<br>
<div><br>
> It says a 'permission denied' and you asked me earlier if I was running<br>
> the command as a root, which the answer is yes. So, how can I overcome<br>
> this problem?<br>
<br>
</div> Can you look at the directory as root, from the shell?<br>
<br>
In this case, the server is just calling OpenSSL... which calls the<br>
normal file API. If that returns "no permission", OpenSSL is at the<br>
mercy of the file system, and FreeRADIUS is at the mercy of OpenSSL.<br>
<br>
If worse comes to worse, for testing do:<br>
<br>
$ cd /etc/raddb<br>
$ chmod -R ug+rwx .<br>
<div><div></div><div><br>
Alan DeKok.<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
</div></div></blockquote></div><br></div></div></div></div>
</blockquote></div><br></div>