Reload on freeradius 1.1.0

André Lemos alemos at criticalsoftware.com
Fri Mar 10 12:26:07 CET 2006


Works:


10218 open("/etc/raddb/certs/cert-srv.pem", O_RDONLY) = 6
10218 fstat64(6, {st_mode=S_IFREG|0644, st_size=2439, ...}) = 0
10218 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f22000
10218 read(6, "Bag Attributes\n    localKeyID: 0"..., 4096) = 2439
10218 read(6, "", 4096)                 = 0
10218 close(6)                          = 0
10218 munmap(0xb7f22000, 4096)          = 0
10218 open("/etc/raddb/certs/demoCA/cacert.pem", O_RDONLY) = 6


Doesn't:

10218 open("/etc/raddb/certs/cert-srv.pem", O_RDONLY) = 6
10218 fstat64(6, {st_mode=S_IFREG|0644, st_size=2439, ...}) = 0
10218 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f22000
10218 read(6, "Bag Attributes\n    localKeyID: 0"..., 4096) = 2439
10218 close(6)                          = 0
10218 munmap(0xb7f22000, 4096)          = 0
10218 write(2, "10218:error:0906D06C:PEM routine"..., 100) = 100
10218 write(2, "10218:error:14085005:SSL routine"..., 70) = 70


André Lemos wrote:
> copied over vanila configurations from another freeradius 1.1.0
> configuration, and now it seems to work fine.
>
> odd...
>
> Alan DeKok wrote:
>   
>> =?ISO-8859-1?Q?Andr=E9_Lemos?= <alemos at criticalsoftware.com> wrote:
>>   
>>     
>>> doesn't anyone also have this problem?
>>>     
>>>       
>>   It works in my tests.
>>
>>   Hmm... the code prints the SSL errors to stderr.  They're lost when
>> running in daemon mode.  Yuck.
>>
>>   I *suspect* that the files aren't readable by the server after a
>> HUP.  Try making them owned by the UID the server is running as, and
>> making them readable by that uid.
>>
>>   Alan DeKok.
>>
>> - 
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>
>>
>>   
>>     
>
>   
> ------------------------------------------------------------------------
>
> - 
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-- 
**_____________________**
* *André Ventura Lemos**
**Software Engineer**
**Critical Software, SA**
**Webpage:** 	**www.andrelemos.com**
**MSN:** 	**tux at tuxslare.org**
**GSM:** 	**+351916401042**
**TLF:** 	**+351239989100**




DISCLAIMER: This message may contain confidential information or privileged material and is intended only for the individual(s) named. If you are not a named addressee and mistakenly received this message you should not copy or otherwise disseminate it: please delete this e-mail from your system and notify the sender immediately. E-mail transmissions are not guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete or contain viruses. Therefore, the sender does not accept liability for any errors or omissions in the contents of this message that arise as a result of e-mail transmissions. Please request a hard copy version if verification is required. Critical Software.




More information about the Freeradius-Users mailing list