Freeradius won't bind to port if running as user AND started as root, but works fine if started as the radius user.

Matthew Schumacher matt.s at aptalaska.net
Wed Jul 31 17:03:48 CEST 2013


List,

This is odd, I can't seem to figure out what the deal is with this.

This works:

As root user; /usr/sbin/radius -X
As root user; /usr/sbin/radius (when user= and group= is commented out
and running as root)
As radius user; /usr/sbin/radius -X
As radius user;  /usr/sbin/radius (when user=radius and group=user)

This doesn't work:

As root user;  /usr/sbin/radius (when user=radius and group=user)

I don't think this is a permissions issue as it works fine when invoked
as the radius user in daemon mode (so we can read the config and write
to logs), but starting as root and letting radius switch to the radius
user doesn't work.

What is interesting is that the logs show:

.......
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server

When running as root user; /usr/sbin/radiusd -xx (when user=radius and
group=user)

So it stops just shy of thread pool and binding to the port.  The same
command and config run as the radius user shows:

.......
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server
thread pool {
	start_servers = 10
	max_servers = 32
	min_spare_servers = 3
	max_spare_servers = 10
	max_requests_per_server = 0
	cleanup_delay = 5
	max_queue_size = 65536
 }
Thread spawned new child 1. Total threads in pool: 1
Thread 1 waiting to be assigned a request
Thread spawned new child 2. Total threads in pool: 2
Thread 2 waiting to be assigned a request
Thread spawned new child 3. Total threads in pool: 3
Thread 3 waiting to be assigned a request
Thread spawned new child 4. Total threads in pool: 4
Thread 4 waiting to be assigned a request
Thread spawned new child 5. Total threads in pool: 5
Thread 5 waiting to be assigned a request
Thread spawned new child 6. Total threads in pool: 6
Thread 6 waiting to be assigned a request
Thread spawned new child 7. Total threads in pool: 7
Thread 7 waiting to be assigned a request
Thread spawned new child 8. Total threads in pool: 8
Thread 8 waiting to be assigned a request
Thread spawned new child 9. Total threads in pool: 9
Thread 9 waiting to be assigned a request
Thread spawned new child 10. Total threads in pool: 10
Thread pool initialized
Thread 10 waiting to be assigned a request
radiusd: #### Opening IP addresses and Ports ####
listen {
	type = "auth"
	ipaddr = *
	port = 1645
}
listen {
	type = "acct"
	ipaddr = *
	port = 1646
}
Listening on authentication address * port 1645
Listening on accounting address * port 1646
Ready to process requests.


Any ideas?

Thanks,
schu


More information about the Freeradius-Users mailing list