rlm_counter: Failed to open file /etc/raddb/db.daily:, Permission denied
Romain Mercier
romain.mercier at univ-angers.fr
Fri Nov 14 09:49:46 CET 2008
Hi,
I got the same issue and I solved it modifying the file :
/usr/local/etc/raddb/radiusd.conf
I replaced the line :
db_dir = $(raddbdir)
By :
db_dir = ${raddbdir}
I use freeRadius 2.0.5 on a freeBSD 6.3
freeradius-users-request at lists.freeradius.org a écrit :
> Message: 2
> Date: Thu, 13 Nov 2008 18:21:17 -0500
> From: Ted Lum <freeradius.org at tedworld.com>
> Subject: Re: rlm_counter: Failed to open file /etc/raddb/db.daily:
> Permission denied
> To: Alan DeKok <aland at deployingradius.com>
> Cc: FreeRadius users mailing list
> <freeradius-users at lists.freeradius.org>
> Message-ID: <491CB66D.2080809 at tedworld.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> The default user and group have not been modified.
> The server DOES NOT run as root. It always starts as root, but changes
> its self.
>
> ...from radiusd.conf
> # We STRONGLY recommend that you run the server with as few permissions
> # as possible. That is, if you're not using shadow passwords, the
> # user and group items below should be set to radius'.
>
> They are:
>
> user = radiusd
> group = radiusd
>
> In fact, the db.daily file was created by the application and this is
> the sole reason for the file's ownership being what it is.
>
> In addition I have moved the location to /tmp where everyone has
> permission and it still fails.
>
> This is a ps after "service start radiusd":
> UID PID PPID C STIME TTY TIME CMD
> radiusd 6909 1 0 Nov12 ? 00:00:00 /usr/sbin/radiusd
>
> This is a ps after "/usr/sbin/radiusd -X":
> UID PID PPID C STIME TTY TIME CMD
> radiusd 6998 6933 5 15:48 pts/0 00:00:00 /usr/sbin/radiusd -X
>
> This is a ps after "strace /usr/sbin/radiusd":
> UID PID PPID C STIME TTY TIME CMD
> radiusd 7004 1 0 15:50 ? 00:00:00 /usr/sbin/radiusd
>
> In all cases its running as radiusd.
>
> So, any more ideas on how to fix this?
>
> -Ted-
>
> Alan DeKok wrote:
>
>> Ted Lum wrote:
>>
>>
>>> Any idea how to fix this?
>>>
>>>
>> Don't edit the default configuration files to break them.
>>
>> The default configuration files have the server running as root.
>> You've changed that to a user who does NOT have permission to read the
>> configuration files.
>>
>>
>>
>>> Wed Nov 12 21:29:16 2008 : Error: rlm_counter: Failed to open file
>>> /etc/raddb/db.daily: Permission denied
>>>
>>>
>> ...
>>
>>
>>> /etc/raddb
>>> -rw------- 1 radiusd radiusd 12312 Nov 12 21:29 db.daily
>>>
>>>
>> The server isn't running as user "radiusd/radiusd". Fix that.
>>
>>
>>
>>> This works:
>>> # /usr/sbin/radiusd -X
>>>
>>>
>> Becuse you're running it as root.
>>
>>
>>
>>> This works:
>>> # strace /usr/sbin/radiusd
>>>
>>>
>> Because you're running it as root.
>>
>>
>>
>>> This does not work:
>>> # service radiusd start
>>> Starting RADIUS server: [FAILED]
>>>
>>>
>> Because it changes UID's, and does not run as root.
>>
>> Alan DeKok.
>>
>>
>>
>
>
>
--
Romain Mercier
Université d'Angers - Direction des Systèmes d'Infrormation
Service Systèmes et Réseaux
Tel/Fax : 02-41-22-67-62/51
@ : romain.mercier at univ-angers.fr
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20081114/05a6ead8/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Universit? d'Angers
Type: image/jpeg
Size: 7297 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20081114/05a6ead8/attachment.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: UNR Pays de la Loire
Type: image/jpeg
Size: 5482 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20081114/05a6ead8/attachment-0001.jpe>
More information about the Freeradius-Users
mailing list