radius.log permissions issue
Philip Molter
hrunting at hrunting.org
Thu Jul 16 18:32:05 CEST 2009
John Dennis wrote:
> There are various strategies to assure the newly created log file has
> the right ownership:
>
> * drop privileges prior to calling fopen()
> * call chown() after fclose() at the exit of the logging call.
> * pre-create the file if necessary very early during start up.
>
> I think the latter is preferable as it avoid the expense of setting or
> checking for the right ownership for every log message emitted (ouch).
Attached is a patch that fixes the issue. Given the way that freeradius
checks for the ability to write to the logfile, it should perform like
the latter (in my testing, it does exactly that).
The patch does a couple of things:
1) properly handles setuid changes in early configuration times
2) enables fr_suid_down/up/down_permanently noop calls so that compile
works when HAVE_SETUID is not defined
Philip
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: freeradius-suid.patch
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090716/e339f0dc/attachment.ksh>
More information about the Freeradius-Users
mailing list