Help! Our security team wants radiusd running as a secure user. I've attempted to run it as nobody by editing radiusd.conf but I get a bunch of permission denied errors:
[EMAIL PROTECTED] etc]# /etc/init.d/radiusd start Starting RADIUS server: Thu Mar 31 16:21:27 2005 : Info: Starting - reading configuration files ... radiusd: Couldn't open /var/log/radius/radius.log for logging: Permission denied (rlm_exec: Wait=yes but no output defined. Did you mean output=none?) 4778:error:0200100D:system library:fopen:Permission denied:bss_file.c:104:fopen('/etc/raddb/certs/demoCA/cacert.pem','r') 4778:error:2006D002:BIO routines:BIO_new_file:system lib:bss_file.c:109: 4778:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:279: radiusd: Couldn't open /var/log/radius/radius.log for logging: Permission denied (rlm_eap_tls: Error reading Trusted root CA list) radiusd: Couldn't open /var/log/radius/radius.log for logging: Permission denied (rlm_eap: Failed to initialize type tls) radiusd: Couldn't open /var/log/radius/radius.log for logging: Permission denied (radiusd.conf[9]: eap: Module instantiation failed. ) [FAILED] [EMAIL PROTECTED] etc]# I've attempted creating a radiusd user and assigning rights but then I get: 4785:error:0200100D:system library:fopen:Permission denied:bss_file.c:104:fopen('/etc/raddb/certs/demoCA/cacert.pem','r') 4785:error:2006D002:BIO routines:BIO_new_file:system lib:bss_file.c:109: 4785:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:279: I've even done chmod a+rwx on cacert.pem but the error still shows. Ideas? -d - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html