rlm_counter: Failed to open file /etc/raddb/db.daily:, Permission denied
Ted Lum
freeradius.org at tedworld.com
Sat Nov 15 00:25:05 CET 2008
Wow, had to look at that for a while before I spotted the difference.
Mine, however, already uses {}, so that's not it either. Thanks though.
-Ted-
Romain Mercier wrote:
> Hi,
>
> I got the same issue and I solved it modifying the file :
> /usr/local/etc/raddb/radiusd.conf
>
> I replaced the line :
> db_dir = $(raddbdir)
>
> By :
> db_dir = ${raddbdir}
>
> I use freeRadius 2.0.5 on a freeBSD 6.3
>
>
> freeradius-users-request at lists.freeradius.org a écrit :
>> Message: 2
>> Date: Thu, 13 Nov 2008 18:21:17 -0500
>> From: Ted Lum <freeradius.org at tedworld.com>
>> Subject: Re: rlm_counter: Failed to open file /etc/raddb/db.daily:
>> Permission denied
>> To: Alan DeKok <aland at deployingradius.com>
>> Cc: FreeRadius users mailing list
>> <freeradius-users at lists.freeradius.org>
>> Message-ID: <491CB66D.2080809 at tedworld.com>
>> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>>
>> The default user and group have not been modified.
>> The server DOES NOT run as root. It always starts as root, but changes
>> its self.
>>
>> ...from radiusd.conf
>> # We STRONGLY recommend that you run the server with as few permissions
>> # as possible. That is, if you're not using shadow passwords, the
>> # user and group items below should be set to radius'.
>>
>> They are:
>>
>> user = radiusd
>> group = radiusd
>>
>> In fact, the db.daily file was created by the application and this is
>> the sole reason for the file's ownership being what it is.
>>
>> In addition I have moved the location to /tmp where everyone has
>> permission and it still fails.
>>
>> This is a ps after "service start radiusd":
>> UID PID PPID C STIME TTY TIME CMD
>> radiusd 6909 1 0 Nov12 ? 00:00:00 /usr/sbin/radiusd
>>
>> This is a ps after "/usr/sbin/radiusd -X":
>> UID PID PPID C STIME TTY TIME CMD
>> radiusd 6998 6933 5 15:48 pts/0 00:00:00 /usr/sbin/radiusd -X
>>
>> This is a ps after "strace /usr/sbin/radiusd":
>> UID PID PPID C STIME TTY TIME CMD
>> radiusd 7004 1 0 15:50 ? 00:00:00 /usr/sbin/radiusd
>>
>> In all cases its running as radiusd.
>>
>> So, any more ideas on how to fix this?
>>
>> -Ted-
>>
>> Alan DeKok wrote:
>>
>>> Ted Lum wrote:
>>>
>>>
>>>> Any idea how to fix this?
>>>>
>>>>
>>> Don't edit the default configuration files to break them.
>>>
>>> The default configuration files have the server running as root.
>>> You've changed that to a user who does NOT have permission to read the
>>> configuration files.
>>>
>>>
>>>
>>>> Wed Nov 12 21:29:16 2008 : Error: rlm_counter: Failed to open file
>>>> /etc/raddb/db.daily: Permission denied
>>>>
>>>>
>>> ...
>>>
>>>
>>>> /etc/raddb
>>>> -rw------- 1 radiusd radiusd 12312 Nov 12 21:29 db.daily
>>>>
>>>>
>>> The server isn't running as user "radiusd/radiusd". Fix that.
>>>
>>>
>>>
>>>> This works:
>>>> # /usr/sbin/radiusd -X
>>>>
>>>>
>>> Becuse you're running it as root.
>>>
>>>
>>>
>>>> This works:
>>>> # strace /usr/sbin/radiusd
>>>>
>>>>
>>> Because you're running it as root.
>>>
>>>
>>>
>>>> This does not work:
>>>> # service radiusd start
>>>> Starting RADIUS server: [FAILED]
>>>>
>>>>
>>> Because it changes UID's, and does not run as root.
>>>
>>> Alan DeKok.
>>>
>>>
>>>
>>
>>
>>
>
>
> --
>
>
>
>
>
> Romain Mercier
>
> Université d'Angers - Direction des Systèmes d'Infrormation
> Service Systèmes et Réseaux
> Tel/Fax : 02-41-22-67-62/51
> @ : romain.mercier at univ-angers.fr
>
>
> --
> This message has been scanned for viruses and
> dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
> believed to be clean.
> ------------------------------------------------------------------------
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Freeradius-Users
mailing list