<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Hi,<br>
<br>
I got the same issue and I solved it modifying the file :<br>
/usr/local/etc/raddb/radiusd.conf<br>
<br>
I replaced the line :<br>
db_dir = $(raddbdir)<br>
<br>
By :<br>
db_dir = ${raddbdir}<br>
<br>
I use freeRadius 2.0.5 on a freeBSD 6.3<br>
<br>
<br>
<a class="moz-txt-link-abbreviated" href="mailto:freeradius-users-request@lists.freeradius.org">freeradius-users-request@lists.freeradius.org</a> a écrit :
<blockquote
cite="mid:mailman.74483.1226646633.83105.freeradius-users@lists.freeradius.org"
type="cite">
<pre wrap="">
Message: 2
Date: Thu, 13 Nov 2008 18:21:17 -0500
From: Ted Lum <a class="moz-txt-link-rfc2396E" href="mailto:freeradius.org@tedworld.com"><freeradius.org@tedworld.com></a>
Subject: Re: rlm_counter: Failed to open file /etc/raddb/db.daily:
Permission denied
To: Alan DeKok <a class="moz-txt-link-rfc2396E" href="mailto:aland@deployingradius.com"><aland@deployingradius.com></a>
Cc: FreeRadius users mailing list
<a class="moz-txt-link-rfc2396E" href="mailto:freeradius-users@lists.freeradius.org"><freeradius-users@lists.freeradius.org></a>
Message-ID: <a class="moz-txt-link-rfc2396E" href="mailto:491CB66D.2080809@tedworld.com"><491CB66D.2080809@tedworld.com></a>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
The default user and group have not been modified.
The server DOES NOT run as root. It always starts as root, but changes
its self.
...from radiusd.conf
# We STRONGLY recommend that you run the server with as few permissions
# as possible. That is, if you're not using shadow passwords, the
# user and group items below should be set to radius'.
They are:
user = radiusd
group = radiusd
In fact, the db.daily file was created by the application and this is
the sole reason for the file's ownership being what it is.
In addition I have moved the location to /tmp where everyone has
permission and it still fails.
This is a ps after "service start radiusd":
UID PID PPID C STIME TTY TIME CMD
radiusd 6909 1 0 Nov12 ? 00:00:00 /usr/sbin/radiusd
This is a ps after "/usr/sbin/radiusd -X":
UID PID PPID C STIME TTY TIME CMD
radiusd 6998 6933 5 15:48 pts/0 00:00:00 /usr/sbin/radiusd -X
This is a ps after "strace /usr/sbin/radiusd":
UID PID PPID C STIME TTY TIME CMD
radiusd 7004 1 0 15:50 ? 00:00:00 /usr/sbin/radiusd
In all cases its running as radiusd.
So, any more ideas on how to fix this?
-Ted-
Alan DeKok wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Ted Lum wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Any idea how to fix this?
</pre>
</blockquote>
<pre wrap=""> Don't edit the default configuration files to break them.
The default configuration files have the server running as root.
You've changed that to a user who does NOT have permission to read the
configuration files.
</pre>
<blockquote type="cite">
<pre wrap="">Wed Nov 12 21:29:16 2008 : Error: rlm_counter: Failed to open file
/etc/raddb/db.daily: Permission denied
</pre>
</blockquote>
<pre wrap="">...
</pre>
<blockquote type="cite">
<pre wrap="">/etc/raddb
-rw------- 1 radiusd radiusd 12312 Nov 12 21:29 db.daily
</pre>
</blockquote>
<pre wrap=""> The server isn't running as user "radiusd/radiusd". Fix that.
</pre>
<blockquote type="cite">
<pre wrap="">This works:
# /usr/sbin/radiusd -X
</pre>
</blockquote>
<pre wrap=""> Becuse you're running it as root.
</pre>
<blockquote type="cite">
<pre wrap="">This works:
# strace /usr/sbin/radiusd
</pre>
</blockquote>
<pre wrap=""> Because you're running it as root.
</pre>
<blockquote type="cite">
<pre wrap="">This does not work:
# service radiusd start
Starting RADIUS server: [FAILED]
</pre>
</blockquote>
<pre wrap=""> Because it changes UID's, and does not run as root.
Alan DeKok.
</pre>
</blockquote>
<pre wrap=""><!---->
</pre>
</blockquote>
<br>
<br>
<div class="moz-signature">-- <br>
<meta http-equiv="CONTENT-TYPE" content="text/html; ">
<title></title>
<meta name="GENERATOR" content="OpenOffice.org 3.0 (Win32)">
<meta name="AUTHOR" content="Romain Mercier">
<meta name="CREATED" content="20081112;11504200">
<meta name="CHANGEDBY" content="Romain Mercier">
<meta name="CHANGED" content="20081112;12203300">
<meta name="Info 1" content="">
<meta name="Info 2" content="">
<meta name="Info 3" content="">
<meta name="Info 4" content="">
<style type="text/css">
<!--
@page { margin: 2cm }
P { margin-bottom: 0.21cm }
-->
</style>
<table style="page-break-before: always;" border="0" cellpadding="0"
cellspacing="2" width="700">
<col width="160"> <col width="540"> <tbody>
<tr>
<td width="160">
<p style="margin-bottom: 0cm;" align="center"><img
src="cid:part1.09040403.03050605@univ-angers.fr"
name="Université d'Angers" border="0" height="42" width="148"><br
clear="CENTER">
<br>
<img src="cid:part2.06060405.00050800@univ-angers.fr"
name="UNR Pays de la Loire" border="0" height="42" width="81"></p>
</td>
<td width="540">
<p style="margin-bottom: 0cm; font-weight: normal;"><font
face="Zeroes Three UnivAngers" size="4">Romain Mercier</font></p>
<p style="margin-bottom: 0cm;"><font color="#666666"
face="Zeroes Three UnivAngers" size="2">Université d'Angers -
Direction des Systèmes d'Infrormation <br>
Service Systèmes et Réseaux <br>
Tel/Fax : 02-41-22-67-62/51 <br>
@ : <a class="moz-txt-link-abbreviated" href="mailto:romain.mercier@univ-angers.fr">romain.mercier@univ-angers.fr</a></font></p>
</td>
</tr>
</tbody>
</table>
</div>
</body>
</html>