NAS info + MySQL
Marcin Jessa
lists at yazzy.org
Tue Jun 7 10:20:57 CEST 2005
On Mon, 06 Jun 2005 21:41:22 -0400
"Alan DeKok" <aland at ox.org> wrote:
> Marcin Jessa <lists at yazzy.org> wrote:
> > Web scripts get executed as the www user. That way I need to grand
> > apache access to HUP radiusd and that can be done with sudo adding
> > www user to the sudoers file and allowing it to exec
> > /usr/local/sbin/radiusd.
>
> The only thing that needs non-WWW permissions is a script which does:
>
> #!/bin/sh
> [ -f /var/log/radius/radiusd.pid] && kill -HUP `cat /var/log/radius/radiusd.pid`
>
> It doesn't need to exec radiusd.
I was hoping I would not need to explain it one more time.
It does not metter what kind of signal httpd sends to radiusd, it would still need to be able to execute the command as a privileged user.
> > The perfect solution would be to have radiusd reread the nas table
> > when it gets changed.
>
> You've said that a number of times. We're all very clear on your opinions.
>
Yes, I mentioned it since this was the whole point of my email.
That should seem reasonible to anyone.
> You can now:
> 1) Pay someone to write that code
I am considering that option.
Do you know of anyone familiar with the freeradius code who could take the job?
More information about the Freeradius-Users
mailing list