Failed reading certificate file error with freeradius container.

[Jonathan Gregoire]

It works, I have changed the file permissions on my host to "a+r" as suggested.

I will dig on the docker side to see how I can restrict permissions to the minimum required and post my finding here later.



Joleking
________________________________
From: Freeradius-Users <freeradius-users-bounces+jonathan763=hotmail.com at lists.freeradius.org> on behalf of Alan DeKok <aland at deployingradius.com>
Sent: January 29, 2024 15:20
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Subject: Re: Failed reading certificate file error with freeradius container.

On Jan 29, 2024, at 3:06 PM, Jonathan Gregoire <jonathan763 at hotmail.com> wrote:
> In Freeradius container, it is the "freerad" user that run the freeradius service:
> ...
> On my host, the freerad user doesn't exist. So I created it and also a group called "freerad" just in case.

  All I can say is that it's a docker / OS / file system issue.  FreeRADIUS runs just fine if the file permissions let it read the files.

  Since FreeRADIUS doesn't control the file permissions, there isn't a lot it can do to fix this issue.

  If you change the files to be "a+r", then it will work.  Which tells you even more that it's a file system issue.

  On a normal OS, the default install creates the correct files with the correct permissions, and it just works.

  There's some docker magic required to get the permissions correct.  I really don't use docker, so I can't say much else here.

  Aan DeKok.

-
List info/subscribe/unsubscribe? See https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.freeradius.org%2Flist%2Fusers.html&data=05%7C02%7C%7Ca182d14748284b370cfc08dc2107cada%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638421564556509845%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=umTyn0KZhWbquttMK0iR41K57PK%2BuZKia2Es9MYfpOI%3D&reserved=0<http://www.freeradius.org/list/users.html>
J