Chrooting freeradius 2.1.6
Alan DeKok
aland at deployingradius.com
Mon Aug 3 11:38:05 CEST 2009
Adam Osuchowski wrote:
> what exactly should be placed in directory which freeradius 2.1 chroots
> to? I tried to configure chrooted environment for freeradius and I had
> to place all rlm_*.so (along with dependencies) and dictionary.* files
> inside chroot directory because chroot() is called earlier than these
> files are read.
Yes.
> Even if I put modules names in instantiate section, it
> doesn't help. Also, putting these files under current directory is not
> a solution due to modules dependencies. Am I doing something wrong
> or it is impossible to jail freeradius into empty (or containing only
> /dev/log and /dev/urandom devices) directory?
The server needs a lot of files in order for it to work properly.
Deleting *everything* in a chroot is just too problematic.
> IMHO, it would be more logical to chroot after all initialization work
> was done and all files have been read.
Great. Fix it, and send a patch.
Alan DeKok.
More information about the Freeradius-Users
mailing list