Running as root to authenticate against system accounts..
Kevin Hanser
kevin at mica.net
Thu Nov 10 21:21:59 CET 2005
Alan DeKok wrote:
>Kevin Hanser <kevin at mica.net> wrote:
>
>
>>So I changed my setup to run the radiusd daemon as root, and tested
>>again. Sure enough, if radiusd is run as root, I can authenticate
>>against the system.
>>
>>
> Which is why the default is to run as root. See the "user"
>directive in radiusd.conf, and the comments above it. The only thing
>missing in the comments is that you might have to create a shadow
>group, and make /etc/shadow readable by that group.
>
>
>
Hmm. Wonder how I missed that :) I was changing the user to root using
the user directive, but I guess I overlooked the comments directly above
it that pretty much explains my question :)
Thanx for pointing me to the proper place :) I was initially stumped
that my system didn't have a "shadow" group, but then I re-read your
message above and created one. Once I did that and restarted radiusd in
the shadow group, system authentication is working great!
Thx!
k
More information about the Freeradius-Users
mailing list