Jason Wittlin-Cohen <jasonwc@brandeis.edu> wrote:
I have discovered the root of the problem. When I enable the "check_cert_cn = %{User-Name}" option in eap.conf and successfully authenticate 1 user , a restart or stop of the radiusd service leads to a zombie process which needs to be killed with "kill -9". If this option is disabled, as is the default setting, radiusd can be restarted normally without issue. This issue does not occur if either a) no users have attempted to authenticate, or b) users have authenticated but were rejected. Is this a known issue?
No. It's *very* weird. I'll try to take a look at it this week. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog