Re: radius.log permissions issue

2009-07-17 Thread Alan DeKok
John Dennis wrote: FWIW, in our RPM's we force the creation of the radius.log file with ownership radiusd:radiusd at installation time before the server even runs. This should also be in the /etc/init.d/radiusd script. Alan DeKok. - List info/subscribe/unsubscribe? See

Re: radius.log permissions issue

2009-07-17 Thread Alan DeKok
Philip Molter wrote: Attached is a patch that fixes the issue. Given the way that freeradius checks for the ability to write to the logfile, it should perform like the latter (in my testing, it does exactly that). The patch does a couple of things: 1) properly handles setuid changes in

Re: radius.log permissions issue

2009-07-17 Thread Philip Molter
Alan DeKok wrote: Philip Molter wrote: Attached is a patch that fixes the issue. Given the way that freeradius checks for the ability to write to the logfile, it should perform like the latter (in my testing, it does exactly that). The patch does a couple of things: 1) properly handles

Re: radius.log permissions issue

2009-07-16 Thread A . L . M . Buxey
Hi, Is this a known bug? Is there a workaround other than creating the file by hand and setting its ownership before starting freeradius? ?? how are you starting this server - the file/directory should be radiusd:radiusd and when run it will do the 'correct thing' alan - List

Re: radius.log permissions issue

2009-07-16 Thread Philip Molter
On Jul 16, 2009, at 4:03 AM, a.l.m.bu...@lboro.ac.uk wrote: Hi, Is this a known bug? Is there a workaround other than creating the file by hand and setting its ownership before starting freeradius? ?? how are you starting this server - the file/directory should be radiusd:radiusd

Re: radius.log permissions issue

2009-07-16 Thread John Dennis
On 07/16/2009 08:12 AM, Philip Molter wrote: On Jul 16, 2009, at 4:03 AM, a.l.m.bu...@lboro.ac.uk wrote: Hi, Is this a known bug? Is there a workaround other than creating the file by hand and setting its ownership before starting freeradius? ?? how are you starting this server - the

Re: radius.log permissions issue

2009-07-16 Thread Philip Molter
John Dennis wrote: FWIW, in our RPM's we force the creation of the radius.log file with ownership radiusd:radiusd at installation time before the server even runs. If you don't force the creation of the file with the right ownership then I think the issue revolves around when a log message is

Re: radius.log permissions issue

2009-07-16 Thread Philip Molter
John Dennis wrote: There are various strategies to assure the newly created log file has the right ownership: * drop privileges prior to calling fopen() * call chown() after fclose() at the exit of the logging call. * pre-create the file if necessary very early during start up. I think the

radius.log permissions issue

2009-07-15 Thread Philip Molter
With freeradius 2.1.6, I have a configuration such as this in my radiusd.conf file: user = radiusd group = radiusd When I start up radiusd for the first time, the radius.log file gets created with 0640 permissions, owned by root:radiusd, instead of radiusd:radiusd. This doesn't prevent the