Difficulties with rlm_perl specifically sending mail

David Buckley david.buckley at canterbury.ac.nz
Wed Feb 10 02:20:07 CET 2010

Dear List

Finally(!) got to the bottom this...

The RHEL server of interest is actually a RHEL SELinux server, and SELinux enforced that a process owned by the user radiusd should not be accessing a remote port 25.

Cure was a local policy override, and for those who know as much SELinux as I do, the instructions for this (actually really easy) procedure can be found in the manpage for audit2allow.

Can I just say: rlm_perl rocks.

Cheers, David.

-----Original Message-----
From: freeradius-users-bounces+david.buckley=canterbury.ac.nz at lists.freeradius.org [mailto:freeradius-users-bounces+david.buckley=canterbury.ac.nz at lists.freeradius.org] On Behalf Of Nicolas Goutte
Sent: Tuesday, 2 February 2010 10:19 p.m.
To: FreeRadius users mailing list
Subject: Re: Difficulties with rlm_perl specifically sending mail

Am 02.02.2010 um 00:12 schrieb David Buckley:

> Greetings from New Zealand
> I have a two factor auth system built using rlm_perl, which is all 
> working fine but for one problem.
> I have a function that sends emails for sending one-time passwords via 
> SMS which works perfectly when FR is run as radiusd -X, but doesn't 
> work when FR started as a service.  This FR 2.1.7 RPM installation on 
> RHEL modern and patched.  When run as a service RHEL runs radiusd as 
> user and group radiusd.

Just an idea: sending emails often means starting the program sendmail. Perhaps radiusd started as service has no $PATH and therefore cannot find sendmail.


> -
> List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html

Nicolas Goutte

extragroup GmbH - Karlsruhe
Waldstr. 49
76133 Karlsruhe

Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle
Registergericht: Amtsgericht Münster / HRB: 5624 Steuer Nr.: 337/5903/0421 / UstID: DE 204607841

List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

This email may be confidential and subject to legal privilege, it may
not reflect the views of the University of Canterbury, and it is not
guaranteed to be virus free. If you are not an intended recipient,
please notify the sender immediately and erase all copies of the message
and any attachments.

Please refer to http://www.canterbury.ac.nz/emaildisclaimer for more

More information about the Freeradius-Users mailing list