otpd - resurrecting it

Stefan Paetow Stefan.Paetow at jisc.ac.uk
Wed Sep 23 12:29:57 CEST 2015

> run otpd but I do remember that no matter what I did, if radiusd did not
> have rights to /var/run/otpd/socket then FreeRadius was always denied
> permission when attempting to interact with otpd.

You could add radiusd (the user) to the group that otpd runs as (possibly 'otpd'), that way radiusd can access anything the group is allowed to access. This is something recommended when using winbindd with FR. :-)

> [root at HP-LAB-1 otpd]# su -l radiusd otptest
> This account is currently not available.

The radiusd account has a shell that does not allow interactive login. Use su --shell=/bin/bash -l radiusd otptest :-)

> All of the above results in otpd still running. But if I run radtest
> once more... otpd segfaults and leaves the /var/run/otpd/socket
> inaccessible by radiusd.

What's the actual ownership of that socket? Also... If you're running Fedora, is there any chance SELinux is messing with this?

With Regards

Stefan Paetow
Moonshot Industry & Research Liaison Coordinator

t: +44 (0)1235 822 125
gpg: 0x3FCE5142
xmpp: stefanp at jabber.dev.ja.net
skype: stefan.paetow.janet
Lumen House, Library Avenue, Harwell Oxford, Didcot, OX11 0SG


Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.
Jisc Collections and Janet Ltd. is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under Company No. number 2881024, VAT No. GB 197 0632 86. The registered office is: Lumen House, Library Avenue, Harwell, Didcot, Oxfordshire, OX11 0SG. T 01235 822200.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150923/e730d8e3/attachment.sig>

More information about the Freeradius-Users mailing list