Hi,
Thanks for help on previous post. My startup script for Radius now works so it starts at boot time, the script is in /etc/init.d and looks like this #!/bin/sh /usr/local/sbin/radiusd -d /usr/local/var/log/radius/radacct/ -d /usr/local/etc/raddb/ After rebooting radius starts up automatically which is what I want. However for security I don't want this to run under root, but I want to it run under a user and group called 'support' I have edited the radius.conf file and added # for some finer-grained access controls. # user = support group = support # max_request_time: The maximum time (in seconds) to handle a request. So this is to get radius to run under support. If I run radiusd -X from command line as user support, radius starts up fine. However if I run the startup script as user support from /etc/init.d by entering #./start-my-radius.sh it comes up with error upp...@oxc-rproxy-02:/etc/init.d$ ./start-my-radius.sh radiusd: Cannot initialize supplementary group list for user support: Operation not permitted I guess its something to do with permissions but I can't figure out what I need to change? I just want this to work under user support, if I'm logged in as root and run #./start-my-radius.sh it works fine and starts up radius. However I have to amend radius.conf to get this to work via root login so it looks like this #user = support #group = support So what have I missed? The radius files look like this supp...@oxc-rproxy-02:/usr/local/sbin$ ls -l total 780 -rwxr-xr-x 1 support support 36403 Oct 12 13:57 checkrad -rwxr-xr-x 1 support support 619724 Oct 12 13:57 radiusd -rwxr-xr-x 1 support support 115567 Oct 12 13:57 radmin -rwxr-xr-x 1 support support 1285 Oct 12 13:57 radwatch -rwxr-xr-x 1 support support 2471 Oct 12 14:22 rc.radiusd -rwxr-xr-x 1 support support 2506 Oct 12 14:22 rc.radiusdbkp supp...@oxc-rproxy-02:/usr/local/sbin$ This is what it looks like when the script starts via root supp...@oxc-rproxy-02:/etc/init.d$ ps aux | grep radiusd root 30712 0.0 0.2 47080 2744 ? Ssl 15:55 0:00 /usr/local/sbin/radiusd -d /usr/local/var/log/radius/radacct/ -d /usr/local/etc/raddb/ support 32505 0.0 0.0 2184 736 pts/0 S+ 15:57 0:00 grep radiusd OXC-RPROXY-02:/etc/init.d# cd /usr/local/sbin OXC-RPROXY-02:/usr/local/sbin# ls -l total 780 -rwxr-xr-x 1 support support 36403 Oct 12 13:57 checkrad -rwxr-xr-x 1 support support 619724 Oct 12 13:57 radiusd -rwxr-xr-x 1 support support 115567 Oct 12 13:57 radmin -rwxr-xr-x 1 support support 1285 Oct 12 13:57 radwatch -rwxr-xr-x 1 support support 2471 Oct 12 14:22 rc.radiusd -rwxr-xr-x 1 support support 2506 Oct 12 14:22 rc.radiusdbkp Please help! ------------------------------------------------------------------------------------------ This email and any attached files transmitted are confidential and intended solely for the person or entity to whom it is addressed. If you received this email in error you may not take action based on its contents, nor should you copy, print or show this to anyone; instead please reply to the sender and highlight the error, then delete the message from your system. Please note that the content of e-mail sent and received may have to be disclosed by the Council in response to a request for access to information. ----------------------------------------------------------------------------------------- Sunderland is aiming to become the most liveable city in the UK. Visit www.Sunderland.gov.uk for Council services and information. Business investors can access www.Investinsunderland.co.uk Visitors to the City should log onto www.Visitsunderland.com
