Hi!
To explain why I can't use the 3.x is that we're using package that receives the Freeradius call and do a REST API call to a distant server, and this package is only available for Freeradius 2.x at the moment... :(
Ahh I see.
I've got good news: I try to disable SELinux and it works!!!
Ok, then it's definitely a SELinux call.
#============= radiusd_t ============== allow radiusd_t user_tmp_t:file execute;
This you now turn into a SELinux policy: Run: audit2allow -a -M radiusd_shellexecute Then run: semodule -i radiusd_shellexecute.pp This should install the new policy into SELinux and give radiusd the rights to execute a shell and run your script. I would, for safety sake, run 'cat radiusd_shellexecute.te' before the 'semodule -i' call to see what the policy is that audit2allow generated. If unsure, paste the contents of the radiusd_shellexecute.te file here... we'll have a look. ;-) Stefan Paetow Moonshot Industry & Research Liaison Coordinator t: +44 (0)1235 822 125 gpg: 0x3FCE5142 xmpp: stefanp@jabber.dev.ja.net skype: stefan.paetow.janet Lumen House, Library Avenue, Harwell Oxford, Didcot, OX11 0SG jisc.ac.uk Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800. Jisc Collections and Janet Ltd. is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under Company No. number 2881024, VAT No. GB 197 0632 86. The registered office is: Lumen House, Library Avenue, Harwell, Didcot, Oxfordshire, OX11 0SG. T 01235 822200.