Updating Winbindd Privileged Socket Path

Alan DeKok aland at deployingradius.com
Mon Jun 21 16:57:47 CEST 2021

On Jun 21, 2021, at 10:36 AM, Vertigo Altair <vertigo.altair at gmail.com> wrote:
> I'm running Winbindd on some other directory. I have to update winbindd
> prieveleged socket path on FreeRADIUS side. I've read some documents but I
> couldn't find a configuration for this.
> My samba config:
> # cat /etc/samba/smb.conf
> [global]
> winbindd socket directory = /mydir/var/run/winbindd
> state directory = / mydir /var/run/samba/locks/state
> pid directory = / mydir /var/run/
> cache directory = / mydir /var/run/samba/locks/cache
> lock directory = / mydir /var/run/samba/locks
> FreeRADIUS looks for the default winbindd socket directory
> (/var/run/samba/winbindd), but actually it should look for
> /permanent/var/run/samba/winbindd, how can I configure FreeRADIUS for that?

  So far as I can tell, it's impossible.

  I presume that you're using v3, and the mschap module with "winbind_username", etc.   I *think* you can change this via the WINBINDD_SOCKET_DIR environment variable.  But that definition comes from (and is used by) the Samba libraries.  FreeRADIUS doesn't use it at all.

  In 3.0.23, there's an ENV section in radiusd.conf.  You should be able to set:

	WINBINDD_SOCKET_DIR = /mydir/var/run/winbindd

  It might work.  https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html

	... Client tools must then be advised of the altered path with the WINBINDD_SOCKET_DIR environment variable.

  That might work.  But if it doesn't, it's the fault of Samba, and not FreeRADIUS.  :(

  Alan DeKok.

More information about the Freeradius-Users mailing list