Chrooting freeradius 2.1.6

Alan Buxey A.L.M.Buxey at lboro.ac.uk
Mon Aug 3 14:31:56 CEST 2009


Hi,

> > doesn't help. Also, putting these files under current directory is not
> > a solution due to modules dependencies. Am I doing something wrong
> > or it is impossible to jail freeradius into empty (or containing only
> > /dev/log and /dev/urandom devices) directory?
> 
>   The server needs a lot of files in order for it to work properly.
> Deleting *everything* in a chroot is just too problematic.

aye. if you follow the standard guides for, for example chroot'd named (BIND)
or ISC dhcpd you can do the same with FreeRADIUS. you need to ensure you have
a local copy of all the libraries that FR used - use eg 'ldd radiusd' to find
all the libraries that FR needs.

however, If you really want to chroot then i'd suggest that you build
with static, not dynamic libraries...then more is ready to go (less to be hived).

alan



More information about the Freeradius-Users mailing list