Description of problem: When the freeradius package is installed without the make utility present in PATH, the bundled bootstrap script generates certificate key files with openssl, which sets access permissions on the generated key files such that the files are left unreadable for the daemon at the time when the certificate configuration is processed. Version-Release number of selected component (if applicable): freeradius-3.0.15-12.fc28 How reproducible: always Steps to Reproduce: 1. Build the following Dockerfile with docker: FROM registry.fedoraproject.org/fedora:28 RUN dnf -y install freeradius && dnf clean all 2. Run `radiusd -X` in the resulting container. Actual results: The server fails with this output: tls: Failed reading certificate file "/etc/raddb/certs/server.pem" tls: error:0200100D:system library:fopen:Permission denied tls: error:20074002:BIO routines:file_ctrl:system lib tls: error:140DC002:SSL routines:use_certificate_chain_file:system lib rlm_eap_tls: Failed initializing SSL context rlm_eap (EAP): Failed to initialise rlm_eap_tls /etc/raddb/mods-enabled/eap[14]: Instantiation failed for module "eap" Expected results: The server starts up and reports ready to process requests. Additional information:
Fixed by adding dependency on make, as upstream has two copies of setup code, but mostly maintains the make one. Thank you for the report, Mikhail!