Bash Script not exec-uting in Daemon Mode
Alan DeKok
aland at deployingradius.com
Thu Mar 31 13:22:54 UTC 2022
On Mar 31, 2022, at 1:47 AM, Mike Ruebner <freeradius at machichemicals.com> wrote:
>
> Well, I didn't expect someone to take this personally. Neither was that my intent.
Unfortunately, such childish responses look worse for you than for me. Your reply shows that you've chosen to take offence when any normal person would see that none was given.
Your original message made it clear that you hadn't done anything yourself to debug the problem. Instead, you just posted a nearly content-free message to the list, and expected the geniuses here to figure it out.
Then after being given detailed technical advice for debugging this issue, you respond with a complaint that you're the victim.
The underlying offending act is that my message implied that you did something wrong. That's personally traumatic for you. So you have to respond as if my clear, polite, response was somehow personally offensive.
Well, you're not the victim here. You're the one causing problems.
> And, yes, something changed. After some digging, I found this nugget in '/lib/systemd/system/freeradius.service':
>
> # We shouldn't be writing to the configuration directory
> ReadOnlyDirectories=/etc/freeradius/
>
> Defeats any attempt to write to a sub-directory & explains why my script stopped performing in daemon mode. No idea when this was introduced, or whether the package maintainer came up with this brilliant idea. Wouldn't hurt to document this somewhere, though. Anyway, my system, my rules. Directive commented out, and my script is working as expected again.
It's terrible practice to allow the server (or any program started by the server) to write to the configuration files / directories. The default configuration has prevented this for well over a decade. The only reason your script worked at all is that you changed the default file permissions to allow an insecure configuration.
Oh, and my list, my rules. If you complain about my reply here, you will be unsubscribed from the list and permanently banned.
We don't put up with nonsense like "I'm the victim for being given technical advice". Or nonsense like "I'm the victim for being asked to provide useful information about the problem". Or "I'm the victim for being asked to read the documentation and follow its instructions".
All of those attitudes are inappropriate, and are not accepted here. They will result in a ban. This is your only warning.
Alan DeKok.
More information about the Freeradius-Users
mailing list