Getting error only when *not* running in debug mode....
Alan DeKok
aland at deployingradius.com
Thu Jun 17 16:57:06 CEST 2021
On Jun 17, 2021, at 10:23 AM, Mark J. Bobak <mark at bobak.net> wrote:
>
> Ok, I guess I'll have to do some research on PAM.
Yup. TBH, I've found RADIUS easier than some of the PAM stuff.
> But I tried 'sudo service freeradius debug', and it started in debug mode,
> and when I tried radtest, it worked. So, I checked how freeradius is
> running (root or freerad) and it's still running as 'freerad':
> ubuntu at radius1:~$ ps -ef|grep freerad
> root 8784 8497 0 14:19 pts/0 00:00:00 sudo service freeradius
> debug
> root 8785 8784 0 14:19 pts/0 00:00:00 /bin/sh
> /etc/init.d/freeradius debug
> freerad 8801 8785 0 14:19 pts/0 00:00:00 /usr/sbin/freeradius -X
> ubuntu 8812 8627 0 14:20 pts/1 00:00:00 grep --color=auto
> freerad
>
> So, I'm not sure what's going on here. Running as root works. Running as
> freerad fails. Running as freerad w/ debug also works.
It's OS / PAM / permissions. This really isn't an issue for FreeRADIUS, it's the limitation of the system on which FreeRADIUS is running.
My $0.02 would just be to dump PAM, and use the totp module which is now included in 3.0.22+. It works, and it doesn't have all of these horrible issues.
Alan DeKok.
More information about the Freeradius-Users
mailing list