I upgraded one of my servers to CentOS 5.4 today. The freeradius service (radiusd) didn't start up due to permissions errors. I tracked it to the permissions on the /etc/raddb/certs/ directory being set to 640 rather than 750, so the radius user couldn't enter the directory. In the spec file from the source rpm, line 200 should read:
%attr(750,root,radiusd) %config (noreplace) /etc/raddb/certs
rather than the current:
%attr(640,root,radiusd) %config (noreplace) /etc/raddb/certs
Note that this bug also exists in the the 1.1.3-1.4.el5 version that's part of the CentOS 5.4 release. I'm not sure if it exists upstream though, but there it is... ;)
-I
Ian Forde writes:
I upgraded one of my servers to CentOS 5.4 today. The freeradius service (radiusd) didn't start up due to permissions errors. I tracked it to the permissions on the /etc/raddb/certs/ directory being set to 640 rather than 750, so the radius user couldn't enter the directory. In the spec file from the source rpm, line 200 should read:
%attr(750,root,radiusd) %config (noreplace) /etc/raddb/certs
rather than the current:
%attr(640,root,radiusd) %config (noreplace) /etc/raddb/certs
Note that this bug also exists in the the 1.1.3-1.4.el5 version that's part of the CentOS 5.4 release. I'm not sure if it exists upstream though, but there it is... ;)
Thanks for the heads-up. This bug was already in 5.3, but it looks like it was never reported.
lhecking@users.sourceforge.net writes:
Ian Forde writes:
I upgraded one of my servers to CentOS 5.4 today. The freeradius service (radiusd) didn't start up due to permissions errors. I tracked it to the permissions on the /etc/raddb/certs/ directory being set to 640 rather than 750, so the radius user couldn't enter the directory. In the spec file from the source rpm, line 200 should read:
%attr(750,root,radiusd) %config (noreplace) /etc/raddb/certs
rather than the current:
%attr(640,root,radiusd) %config (noreplace) /etc/raddb/certs
Note that this bug also exists in the the 1.1.3-1.4.el5 version that's part of the CentOS 5.4 release. I'm not sure if it exists upstream though, but there it is... ;)
Thanks for the heads-up. This bug was already in 5.3, but it looks like it was never reported.
Still broken in 5.5.
--------------------------------------------------------------- This message and any attachments may contain Cypress (or its subsidiaries) confidential information. If it has been received in error, please advise the sender and immediately delete this message. ---------------------------------------------------------------
On Wed, 2010-05-19 at 09:09 +0100, Lars Hecking wrote:
lhecking@users.sourceforge.net writes:
Ian Forde writes:
I upgraded one of my servers to CentOS 5.4 today. The freeradius service (radiusd) didn't start up due to permissions errors. I tracked it to the permissions on the /etc/raddb/certs/ directory being set to 640 rather than 750, so the radius user couldn't enter the directory. In the spec file from the source rpm, line 200 should read:
%attr(750,root,radiusd) %config (noreplace) /etc/raddb/certs
rather than the current:
%attr(640,root,radiusd) %config (noreplace) /etc/raddb/certs
Note that this bug also exists in the the 1.1.3-1.4.el5 version that's part of the CentOS 5.4 release. I'm not sure if it exists upstream though, but there it is... ;)
Thanks for the heads-up. This bug was already in 5.3, but it looks like it was never reported.
Still broken in 5.5.
Yeah - just got slapped by it again on one of my boxes...
-I
-
Ian Forde -
Lars Hecking -
lhecking@users.sourceforge.net