HOWTO PEAP + FreeRadius + XP Client

George KNIGHT georgeknight at gmail.com
Thu May 1 19:06:30 CEST 2008 

Permissions are as follow;


comp-010:/etc/raddb # dir
total 289
-rw-r----- 1 root radiusd   718 2008-02-14 10:35 acct_users
-rw-r----- 1 root radiusd  4187 2008-02-14 10:35 attrs
-rw-r----- 1 root radiusd   516 2008-02-14 10:35 attrs.access_reject
-rw-r----- 1 root radiusd   501 2008-02-14 10:35 attrs.accounting_response
-rw-r----- 1 root radiusd  1969 2008-02-14 10:35 attrs.pre-proxy
drwxr-x--- 2 root radiusd   680 2008-04-30 17:48 certs
-rw-r----- 1 root radiusd  6727 2008-04-30 12:06 clients.conf
-rw-r----- 1 root radiusd   929 2008-02-14 10:35 dictionary
-rw-r----- 1 root radiusd 13648 2008-04-30 17:53 eap.conf
-rw-r----- 1 root root    13647 2008-04-25 14:01 eap.conf.orig
-rw-r----- 1 root radiusd  4609 2008-02-14 10:35 example.pl
-rw-r----- 1 root radiusd 14536 2008-02-14 10:35 experimental.conf
-rw-r----- 1 root radiusd  2396 2008-02-14 10:35 hints
-rw-r----- 1 root radiusd  1604 2008-02-14 10:35 huntgroups
-rw-r----- 1 root radiusd  2985 2008-02-14 10:35 ldap.attrmap
-rw-r----- 1 root radiusd  3357 2008-02-14 10:35 otp.conf
-rw-r----- 1 root radiusd  1204 2008-02-14 10:35 policy.conf
-rw-r----- 1 root radiusd  4922 2008-02-14 10:35 policy.txt
-rw-r----- 1 root radiusd  1035 2008-02-14 10:35 preproxy_users
-rw-r----- 1 root radiusd 17889 2008-02-14 10:35 proxy.conf
-rw-r----- 1 root radiusd 60371 2008-04-30 12:18 radiusd.conf
-rw-r----- 1 root root    60371 2008-04-25 13:14 radiusd.conf.orig
drwxr-xr-x 2 root root      120 2008-04-25 10:17 sites-available
drwxr-xr-x 2 root root       72 2008-04-25 10:17 sites-enabled
-rw-r----- 1 root radiusd  1276 2008-02-14 10:35 snmp.conf
drw-r----- 6 root radiusd   152 2008-02-14 10:35 sql
-rw-r----- 1 root radiusd  2533 2008-02-14 10:35 sql.conf
-rw-r----- 1 root radiusd  1988 2008-02-14 10:35 sqlippool.conf
-rw-r----- 1 root radiusd  3503 2008-02-14 10:35 templates.conf
-rw-r----- 1 root radiusd  6603 2008-04-30 15:50 users
comp-010:/etc/raddb # dir ./certs
total 104
-rw-r----- 1 root root    4210 2008-04-25 10:17 01.pem
-rwxr-x--- 1 root radiusd  524 2008-02-14 10:35 bootstrap
-rw-r----- 1 root radiusd 1155 2008-02-14 10:35 ca.cnf
-rw-r----- 1 root root    1743 2008-04-25 10:17 ca.key
-rw-r----- 1 root root    1322 2008-04-25 10:17 ca.pem
-rw-r----- 1 root radiusd 1109 2008-02-14 10:35 client.cnf
-rw-r----- 1 root root     245 2008-04-25 10:18 dh
-rw-r----- 1 root root     120 2008-04-25 10:17 index.txt
-rw-r----- 1 root root      21 2008-04-25 10:17 index.txt.attr
-rw-r----- 1 root root       0 2008-04-25 10:17 index.txt.old
-rw-r----- 1 root radiusd 4430 2008-02-14 10:35 Makefile
-rw-r----- 1 root root    5120 2008-04-25 10:18 random
-rw-r----- 1 root radiusd 5343 2008-02-14 10:35 README
-rw-r----- 1 root root       3 2008-04-25 10:17 serial
-rw-r----- 1 root root       3 2008-04-25 10:17 serial.old
-rw-r----- 1 root radiusd 1123 2008-02-14 10:35 server.cnf
-rw-r----- 1 root root    4210 2008-04-25 10:17 server.crt
-rw-r----- 1 root root    1062 2008-04-25 10:17 server.csr
-rw-r----- 1 root root    1743 2008-04-25 10:17 server.key
-rw-r----- 1 root root    2525 2008-04-25 10:17 server.p12
-rw-r----- 1 root root    3495 2008-04-25 10:17 server.pem
-rw-r----- 1 root radiusd  578 2008-02-14 10:35 xpextensions
comp-010:/etc/raddb #



Thank you.
George





On Thu, May 1, 2008 at 12:47 PM, Alan DeKok <aland at deployingradius.com>
wrote:

> George KNIGHT wrote:
> > Running radiusd -X command as a root gives me the following error
> > message as I posted here yesterday;
>
>   And the permissions on that directory are... ?
>
> > It says a 'permission denied'  and you asked me earlier if I was running
> > the command as a root, which the answer is yes. So, how can I overcome
> > this problem?
>
>   Can you look at the directory as root, from the shell?
>
>  In this case, the server is just calling OpenSSL... which calls the
> normal file API.  If that returns "no permission", OpenSSL is at the
> mercy of the file system, and FreeRADIUS is at the mercy of OpenSSL.
>
>  If worse comes to worse, for testing do:
>
> $ cd /etc/raddb
> $ chmod -R ug+rwx .
>
>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080501/3014a843/attachment.html>

More information about the Freeradius-Users mailing list