Freeradius daemon terminates with a SIGTERM

Prajosh Augustine prajosh at optusnet.com.au
Tue Nov 26 05:50:08 CET 2019


Hi,

We are running freeradius 3.0.19 on RedHat 7.6 and trying to run as a 
daemon via 'systemctl start freeradiusd.service'. But executable starts 
and it is killed immediately. We have the following entries in the log 
/var/log/freeradius/radius.log.

Does anyone know why is it getting a signal to terminate? Any help is 
appreciated. Upon checking the process with 'strace' output, it shows 
that it is terminated with a SIGTERM signal.


Tue Nov 26 15:33:49 2019 : Info: Debugger not attached
Tue Nov 26 15:33:49 2019 : Info: systemd watchdog interval is 30.00 secs
Tue Nov 26 15:33:49 2019 : Info: rlm_ldap: libldap vendor: OpenLDAP, 
version: 20444
Tue Nov 26 15:33:49 2019 : Info: Loaded virtual server <default>
Tue Nov 26 15:33:49 2019 : Warning: Ignoring "sql" (see 
raddb/mods-available/README.rst)
Tue Nov 26 15:33:49 2019 : Info: Loaded virtual server default
Tue Nov 26 15:33:49 2019 : Info: Loaded virtual server status
Tue Nov 26 15:33:49 2019 : Info: Ready to process requests
Tue Nov 26 15:33:49 2019 : Info: Signalled to terminate
Tue Nov 26 15:33:49 2019 : Info: Exiting normally


But when the executable is run manually, it runs ok (even though with 
warning regarding NSS/OpenSSL libraries) and accepts all authentication 
requests. We renamed the binary as freeradiusd from radiusd as per our 
naming convention. As per 
http://lists.freeradius.org/pipermail/freeradius-users/2018-May/091636.html, 
the warnings are due to Redhat switching the library to NSS from OpenSSL 
in 7.6. Could the SIGTERM that we receive be because of the warning 
messages below?


[root at xxxpoc01.st1 system]# /usr/sbin/freeradiusd
TLSMC: MozNSS compatibility interception begins.
tlsmc_convert: INFO: cannot open the NSS DB, expecting PEM configuration 
is present.
tlsmc_intercept_initialization: INFO: successfully intercepted TLS 
initialization. Continuing with OpenSSL only.
TLSMC: MozNSS compatibility interception ends.
TLSMC: MozNSS compatibility interception begins.
tlsmc_convert: INFO: cannot open the NSS DB, expecting PEM configuration 
is present.
tlsmc_intercept_initialization: INFO: successfully intercepted TLS 
initialization. Continuing with OpenSSL only.
TLSMC: MozNSS compatibility interception ends.
TLSMC: MozNSS compatibility interception begins.
tlsmc_convert: INFO: cannot open the NSS DB, expecting PEM configuration 
is present.
tlsmc_intercept_initialization: INFO: successfully intercepted TLS 
initialization. Continuing with OpenSSL only.
TLSMC: MozNSS compatibility interception ends.
TLSMC: MozNSS compatibility interception begins.
tlsmc_convert: INFO: cannot open the NSS DB, expecting PEM configuration 
is present.
tlsmc_intercept_initialization: INFO: successfully intercepted TLS 
initialization. Continuing with OpenSSL only.
TLSMC: MozNSS compatibility interception ends.
TLSMC: MozNSS compatibility interception begins.
tlsmc_convert: INFO: cannot open the NSS DB, expecting PEM configuration 
is present.
tlsmc_intercept_initialization: INFO: successfully intercepted TLS 
initialization. Continuing with OpenSSL only.
TLSMC: MozNSS compatibility interception ends.


The contents of the service file 
(/etc/systemd/system/freeradiusd.service) is below:


[Unit]
Description=FreeRADIUS multi-protocol policy server
After=network-online.target
Documentation=man:radiusd(8) man:radiusd.conf(5) 
http://wiki.freeradius.org/ http://networkradius.com
/doc/

[Service]
Type=notify
WatchdogSec=60
NotifyAccess=all
PIDFile=/var/run/freeradiusd/freeradius.pid
EnvironmentFile=-/etc/sysconfig/radiusd
Environment=HOSTNAME=%H

MemoryLimit=2G

ExecStartPre=/usr/sbin/freeradiusd $FREERADIUS_OPTIONS -Cx -lstdout
ExecStartPre=/usr/bin/chown radiusd:radiusd /var/run/freeradiusd
ExecStart=-/usr/sbin/freeradiusd $FREERADIUS_OPTIONS
Restart=on-failure
RestartSec=10

[Install]
WantedBy=multi-user.target



Thanks,

Prajosh



More information about the Freeradius-Users mailing list