ownership change

Alan DeKok aland at deployingradius.com
Fri Dec 12 20:41:20 CET 2008

Norbert Wegener wrote:
> Upgrading from 2.1.1 to 2.1.3 on a Suse10.2 system and restarting
> radiusd with the identical configuration showed the following message:
> We do not own /var/run/radiusd/radiusd.sock.

  Ah... a side effect of fixing the "run as unprivileged user", I think.

> Removing radiusd.sock and restarting radiusd solved the problem.
> 2.1.3 obviously changed the ownership:
> ls -l /var/run/radiusd/radiusd.sock
> srw-rw---- 1 root radiusd 0 12. Dez 16:20 /var/run/radiusd/radiusd.sock
> Shouldn't the ownership still  be radiusd.radiusd ?


  The issue is that the server was change to:

 - setuid to radiusd/radiusd
 - BUT remember "root"
 - start booting
 - switch back to root
 - open sockets (including ports < 1024) as root
 - when done opening sockets, switch back to radiusd/radiusd

  The issue is that the file "radiusd.sock" is now opened as root, and
therefore some of the previous logic to check ownerships is wrong.

  I'll commit a fix to the "stable" tree tomorrow.

  Alan DeKok.

More information about the Freeradius-Users mailing list