raddebug
Alan DeKok
aland at deployingradius.com
Wed Aug 16 13:24:44 UTC 2023
On Aug 15, 2023, at 8:22 AM, Gerald Vogt <vogt at spamcop.net> wrote:
>
> Looking at the raddebug shell script, the issue is that it wants to read the security.group configuration:
>
> group=`$radmin -e "debug file radmin.debug.$$" -e "show config security.group"`
>
> But that is empty:
>
> # user = radius
> # group = radius
>
> because it's using the user and group set in the radiusd.service unit...
>
> So technically, radmin should be able to determine the group name which the server is actually using instead of relying on static configuration.
How? Patches are welcome.
Just to note:
* there may be more than one server running on the same system
* the user running raddebug may not have permission to read the configuration files
Or, just uncomment the "user" and "group" configuration. And set them to the correct names for the user/group. This won't cause problems.
The server will check that it's already running as that user, and will skip any calls to setuid(). And then raddebug will work correctly.
Alan DeKok.
More information about the Freeradius-Users
mailing list