On Mon, 06 Jun 2005 18:13:32 -0400 "Alan DeKok" <aland@ox.org> wrote:
Marcin Jessa <lists@yazzy.org> wrote:
The way I understand it, say a PHP script used to HUP radiusd would get executed as the httpd user. In that case the httpd deamon would need to be added to the sudoers group like this: www your.server = NOPASSWD: /usr/local/sbin/radiusd How else can this be done?
Huh? why would you permit user www to run radiusd?
You need to send a HUP signal to radiusd. You don't need to run it.
I never said I want to run radiusd as www user. Web scripts get executed as the www user. That way I need to grand apache access to HUP radiusd and that can be done with sudo adding www user to the sudoers file and allowing it to exec /usr/local/sbin/radiusd. That is the only solution I can think of to be able to HUP radiusd running a script from web interface. That's the whole point, I wished there was a better way to do that. The perfect solution would be to have radiusd reread the nas table when it gets changed. Cheers, Marcin