Cant Start Radius Server MAC OSX (snow leopard)

Doug Hardie bc979 at lafn.org
Mon Aug 15 06:31:36 CEST 2011


The root user in OS-X is not easily accessible.  Its there, just like in FreeBSD, but you can't login or su to it normally.  You can activate the root password (there are instructions on the web) then you can su to it and start things.  However, the most common approach is to use sudo.  The first user account created is an "admin" user that does have more privileges then any other user, but it does not have root privileges.


On 14 August 2011, at 20:11, Sallee, Stephen (Jake) wrote:

> Hmmm … are you sure you are root?  I am not a MAC guy, but I do know that MACs are based off Linux (technically FreeBSD with some Steve Jobs magic on top, but who REALLY makes that distinction any more : ).  That being the case root SHOULD have access to everything, so if as root you are being denied access to a file then either the file has become locked somehow (but Linux is not supposed to care about that) or you are not REALLY root.  Your user may be root but it could be missing some privileges that another system user has.  I have been using Fedora, Ubuntu, CentOS, etc for several years and have NEVER had a file deny root access.  Root is the holy smack down you lay on a file when you want to fiddle with it no-matter-what, file permissions be d at mn3d!
>  
> Then again, as I said, I am not a MAC guy so Apple could have done something special.  Perhaps another MAC user here can say…
>  
> Jake Sallee
> Godfather of Bandwidth
> System Engineer
> University of Mary Hardin-Baylor
> 900 College St.
> Belton, Texas
> 76513
> Fone: 254-295-4658
> Phax: 254-295-4221
>  
> From: freeradius-users-bounces+jake.sallee=umhb.edu at lists.freeradius.org [mailto:freeradius-users-bounces+jake.sallee=umhb.edu at lists.freeradius.org] On Behalf Of Elizabeth Fife
> Sent: Sunday, August 14, 2011 7:02 PM
> To: freeradius-users at lists.freeradius.org
> Subject: RE: Cant Start Radius Server MAC OSX (snow leopard)
>  
> Hi Jack
> I am root user
>  
> Server Radius Logs Say
>  
> Sun Aug 14 16:59:56 2011 : Info: rlm_sql (sql): Driver rlm_sql_sqlite (module rlm_sql_sqlite) loaded and linked
> Sun Aug 14 16:59:56 2011 : Info: rlm_sql (sql): Attempting to connect to radius at localhost:/radius
> Sun Aug 14 16:59:56 2011 : Info: rlm_sql_sqlite: Opening sqlite database /private/etc/raddb/sqlite_radius_client_database for #0
> Sun Aug 14 16:59:56 2011 : Info: rlm_sql_sqlite: sqlite3_open() = 0 
> Sun Aug 14 16:59:56 2011 : Info: rlm_sql_sqlite: Opening sqlite database /private/etc/raddb/sqlite_radius_client_database for #1
> Sun Aug 14 16:59:56 2011 : Info: rlm_sql_sqlite: sqlite3_open() = 0 
> Sun Aug 14 16:59:56 2011 : Info: rlm_sql_sqlite: Opening sqlite database /private/etc/raddb/sqlite_radius_client_database for #2
> Sun Aug 14 16:59:56 2011 : Info: rlm_sql_sqlite: sqlite3_open() = 0 
> Sun Aug 14 16:59:56 2011 : Info: rlm_sql_sqlite: Opening sqlite database /private/etc/raddb/sqlite_radius_client_database for #3
> Sun Aug 14 16:59:56 2011 : Info: rlm_sql_sqlite: sqlite3_open() = 0 
> Sun Aug 14 16:59:56 2011 : Info: rlm_sql_sqlite: Opening sqlite database /private/etc/raddb/sqlite_radius_client_database for #4
> Sun Aug 14 16:59:56 2011 : Info: rlm_sql_sqlite: sqlite3_open() = 0 
> Sun Aug 14 16:59:56 2011 : Error: /private/etc/raddb/users[215]: Parse error (check) for entry Service-Type: Invalid octet string "NAS-Prompt-User" for attribute name ""
> Sun Aug 14 16:59:56 2011 : Error: Errors reading /private/etc/raddb/users
> Sun Aug 14 16:59:56 2011 : Error: /private/etc/raddb/modules/files[7]: Instantiation failed for module "files"
> Sun Aug 14 16:59:56 2011 : Error: /private/etc/raddb/sites-enabled/inner-tunnel[111]: Failed to find module "files".
> Sun Aug 14 16:59:56 2011 : Error: /private/etc/raddb/sites-enabled/inner-tunnel[34]: Errors parsing authorize section. 
> Sun Aug 14 16:59:56 2011 : Error: Errors initializing modules
>  
>  
> radiusd -x says
>  
> server10:~ admin$ radiusd -X
> FreeRADIUS Version 2.1.3, for host i386-apple-darwin10.0, built on Apr 11 2011 at 17:19:07
> Copyright (C) 1999-2008 The FreeRADIUS server project and contributors. 
> There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A 
> PARTICULAR PURPOSE. 
> You may redistribute copies of FreeRADIUS under the terms of the 
> GNU General Public License v2. 
> Starting - reading configuration files ...
> including configuration file /private/etc/raddb/radiusd.conf
> Unable to open file "/private/etc/raddb/radiusd.conf": Permission denied
> Errors reading /private/etc/raddb/radiusd.conf
>  
> DOes that help?
>  
>  
>  
>  
> > To: freeradius-users at lists.freeradius.org
> 
> > Subject: RE: Cant Start Radius Server MAC OSX (snow leopard)
> > Date: Sun, 14 Aug 2011 22:56:13 +0000
> > 
> > As what user are you attempting to start FreeRADIUS? Most times FR is run as a daemon, so any user that tries to run FR should have permissions to look at FR's files, most time this is root or some other super user. What does radiusd -X say?
> > 
> > Jake Sallee
> > Godfather of Bandwidth
> > System Engineer
> > University of Mary Hardin-Baylor
> > 900 College St.
> > Belton, Texas
> > 76513
> > Fone: 254-295-4658
> > Phax: 254-295-4221
> > 
> > -----Original Message-----
> > From: freeradius-users-bounces+jake.sallee=umhb.edu at lists.freeradius.org [mailto:freeradius-users-bounces+jake.sallee=umhb.edu at lists.freeradius.org] On Behalf Of DavidS
> > Sent: Sunday, August 14, 2011 5:22 PM
> > To: freeradius-users at lists.freeradius.org
> > Subject: Cant Start Radius Server MAC OSX (snow leopard)
> > 
> > Hi
> > I tried to Run Radius Server on Mac OSX Server Snow Leopard.
> > 
> > Tried to START Radius
> > 
> > It wont start
> > 
> > I had made a few changed (detailed below) I went to DEBUG with following out
> > put:
> > 
> > server10:~ admin$ radiusd -X
> > FreeRADIUS Version 2.1.3, for host i386-apple-darwin10.0, built on Apr 11
> > 2011 at 17:19:07
> > Copyright (C) 1999-2008 The FreeRADIUS server project and contributors. 
> > There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
> > You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License v2. 
> > Starting - reading configuration files ...
> > including configuration file /private/etc/raddb/radiusd.conf Unable to open file "/private/etc/raddb/radiusd.conf": Permission denied Errors reading /private/etc/raddb/radiusd.conf server10:~ admin$ 
> > 
> > I had not edited this file
> > 
> > Can anyone help ?
> > 
> > Thanks
> > 
> > CHANGES I MADE PRIOR TO GETTING THIS ERROR First time I used the Radius Server
> > 
> > Using Server Admin selected the Radius service - it appeared as expected identified and I entered a local time capsule (That appeared as a base
> > station)
> > 
> > The Radius Server was running
> > 
> > I stopped the Radius Server
> > 
> > AND using textwrangler edited /etc/raddb/clients.conf 
> > 
> > I entered the following text below the preceding "#" and above the text "client localhost {"
> > client {
> > ipaddr = 192.168.0.100
> > netmask = 32
> > secret = XXXX
> > require_message_authenticator = no
> > shortname = slr877
> > nastype = cisco
> > }
> > 
> > I saved the file closed the file
> > 
> > 
> > Using textwrangler I edited /etc/raddb/users
> > 
> > At the end of the file entered
> > 
> > user1 Cleartext-Password := “password”
> > Service-Type = NAS-Prompt-User,
> > cisco-avpair = “webvpn:user-vpn-group=SLRgroup1”
> > 
> > Saved the file closed the file
> > 
> > Tried to restart the Radius Server and got the above error
> > 
> > Please help
> > Thanks
> > 
> > --
> > View this message in context: http://freeradius.1045715.n5.nabble.com/Cant-Start-Radius-Server-MAC-OSX-snow-leopard-tp4699245p4699245.html
> > Sent from the FreeRadius - User mailing list archive at Nabble.com.
> > 
> > -
> > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> > 
> > -
> > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html





More information about the Freeradius-Users mailing list