Alan DeKok wrote:
Philip Molter wrote:
Attached is a patch that fixes the issue. Given the way that freeradius
checks for the ability to write to the logfile, it should perform like
the latter (in my testing, it does exactly that).
The patch does a couple of things:
1) properly handles setuid changes in early configuration times
OK.
2) enables fr_suid_down/up/down_permanently noop calls so that compile
works when HAVE_SETUID is not defined
That's needed, yes.
I've committed a fix based on this that:
a) does suid down earlier
b) lets it build when HAVE_SETUID is not defined
c) calls chown() on the log file to ensure it has the correct owner
Thanks Alan. I'll point out the HAVE_SETUID ifdef used within the
switch_users() function is redundant. The entire function is wrapped in
HAVE_SETUID.
Philip
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
