Running radiusd as an unprivileged user
Marcin Jessa
lists at yazzy.org
Wed Jun 1 23:29:52 CEST 2005
Hi Andrey.
Edit your radiusd.conf and uncomment:
#user = nobody
#group = nobody
You can manually add new users the radius will run as. Propaly the easiest way is to run vipw and copy line from some other service, change the uid, gid and the username, edit /etc/group and put there your group as well.
Something like this should do on FreeBSD:
radiusd:*:101:101::0:0:Radius Daemon:/var/log/radius:/usr/sbin/nologin
Or Linux
radiusd:x:101:101:Radius Daemon:/var/log/radius:/bin/false
and in /etc/group
radiusd:*:101:
chown -R radiusd:radiusd your log file and propaly the config files
Then it should look something like:
#ps auxww | grep rad
radiusd 81708 0.0 1.0 9316 4944 ?? Ss 11:26PM 0:00.01 /usr/local/sbin/radiusd
Cheers,
Marcin
On Wed, 1 Jun 2005 16:49:37 -0400
Andrey <andrey at latestwave.com> wrote:
> Hi everyone,
>
> Just a quick question about running radiusd as a user other than root. Do I need
> to compile the server as that user? And do I need to do anything else other than
> uncomment the lines in radius.conf?
>
> Is there a help/doc file about this?
>
> Thanks a bunch.
>
> ========
> Andrey
>
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list