Dear all, My client authentications keep failing due to linelog permissions issues: Thu Nov 12 19:22:15 2020 : Auth: (58) Login OK: [xxxxxxxxxxxxxx@anon.com] (from client xxxxxxxxxx port 0 via TLS tunnel) Thu Nov 12 19:22:15 2020 : Error: rlm_linelog: Failed to open /radius/log/linelog-20201112: Permission denied Thu Nov 12 19:22:15 2020 : Error: rlm_linelog: Failed to open /radius/log/linelog-20201112: Permission denied Thu Nov 12 19:22:15 2020 : Auth: (59) Rejected in post-auth: [xxxxxxxxxxx@anon.com] (from client xxxxxxxxxxxx port 13 cli 0ec84fa38cad) There are no issues writing into authentication, accounting, and reply logs. I have set 660 permissions for the linelog module as well. Could someone please help? Or offer a way to bypass this? Authentications are fine once linelog has been commented out in the virtual server configs... but having the linelog would help immensely in monitoring the authentications coming in the hundreds per minute. Thanks in advance.
Hi dear all, it seems that your log folder is at the / path which means the root of the disk. It might be /var/log/radius.... or if you customize it as seen in your "Thu Nov 12 19:22:15 2020 : Error: rlm_linelog: Failed to open /radius/log/linelog-20201112: Permission denied" line. The owner of /radius/log should be user "freerad" in debian/ubuntu case. You should check your log permission accordingly. The issue is related with permission. I hope it helps. İbrahim AKŞİT Best Regards and Wishes Yours Sincerely. On Thu, Nov 12, 2020 at 2:41 PM lingctam <lingctam@hku.hk> wrote:
Dear all,
My client authentications keep failing due to linelog permissions issues:
Thu Nov 12 19:22:15 2020 : Auth: (58) Login OK: [xxxxxxxxxxxxxx@anon.com] (from client xxxxxxxxxx port 0 via TLS tunnel) Thu Nov 12 19:22:15 2020 : Error: rlm_linelog: Failed to open /radius/log/linelog-20201112: Permission denied Thu Nov 12 19:22:15 2020 : Error: rlm_linelog: Failed to open /radius/log/linelog-20201112: Permission denied Thu Nov 12 19:22:15 2020 : Auth: (59) Rejected in post-auth: [ xxxxxxxxxxx@anon.com] (from client xxxxxxxxxxxx port 13 cli 0ec84fa38cad)
There are no issues writing into authentication, accounting, and reply logs. I have set 660 permissions for the linelog module as well. Could someone please help? Or offer a way to bypass this?
Authentications are fine once linelog has been commented out in the virtual server configs... but having the linelog would help immensely in monitoring the authentications coming in the hundreds per minute.
Thanks in advance.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Nov 12, 2020, at 6:37 AM, lingctam <lingctam@hku.hk> wrote
My client authentications keep failing due to linelog permissions issues:
Thu Nov 12 19:22:15 2020 : Auth: (58) Login OK: [xxxxxxxxxxxxxx@anon.com] (from client xxxxxxxxxx port 0 via TLS tunnel) Thu Nov 12 19:22:15 2020 : Error: rlm_linelog: Failed to open /radius/log/linelog-20201112: Permission denied Thu Nov 12 19:22:15 2020 : Error: rlm_linelog: Failed to open /radius/log/linelog-20201112: Permission denied Thu Nov 12 19:22:15 2020 : Auth: (59) Rejected in post-auth: [xxxxxxxxxxx@anon.com] (from client xxxxxxxxxxxx port 13 cli 0ec84fa38cad)
There are no issues writing into authentication, accounting, and reply logs. I have set 660 permissions for the linelog module as well. Could someone please help? Or offer a way to bypass this?
FreeRADIUS does not change the permissions or owners of the log directories. If you *keep* having issues, then something *else* is mangling the permissions. Check the rest of the system, for log rotation scripts, etc. Those are likely breaking FreeRADIUS. Alan DeKok.
participants (3)
-
Alan DeKok -
Ibrahim AKSIT -
lingctam