Bug 464119 - FR2.1.1 - Initial installation gives a permission denied error
FR2.1.1 - Initial installation gives a permission denied error
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: freeradius (Show other bugs)
rawhide
x86_64 Linux
medium Severity medium
: ---
: ---
Assigned To: John Dennis
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-09-26 08:04 EDT by John Horne
Modified: 2008-09-26 10:28 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-09-26 10:28:14 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description John Horne 2008-09-26 08:04:47 EDT
Description of problem:
After installing the 2.1.1 RPM, running '/usr/sbin/radiusd -X' gives the following error:

==================================================
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
......+......................+..............................................+....................+....................+......................+.........+.............+......................................................++*++*++*
unable to write 'random state'
dh: Permission denied
make: *** [dh] Error 1
Exec-Program output: openssl dhparam -out dh 1024
Exec-Program-Wait: plaintext: openssl dhparam -out dh 1024
Exec-Program: returned: 2
rlm_eap: Failed to initialize type tls
/etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
/etc/raddb/sites-enabled/inner-tunnel[223]: Failed to find module "eap".
/etc/raddb/sites-enabled/inner-tunnel[176]: Errors parsing authenticate section.
 }
}
Errors initializing modules
==================================================

Version-Release number of selected component (if applicable):
freeradius-2.1.1-1

How reproducible:
Every time.

Steps to Reproduce:
1. Install FR2.1.1 RPM
2. Run '/usr/sbin/radiusd -X'
3.
  
Actual results:
See above.

Expected results:
Running 'radiusd -X' should startup with errors in debug mode.

Additional info:
The problem seems to be the 'permission denied', and the /etc/raddb/certs (which I think is the relevant directory) shows:

  drwxr-x--- 2 root radiusd 4096 Sep 26 12:26 /etc/raddb/certs

As can be seen, the 'radiusd' user has no rights to write there. If I run 'chmod 770 /etc/raddb/certs' then 'radiusd -X' starts up without this error.
Comment 1 John Dennis 2008-09-26 10:28:14 EDT
Thank you John for reporting this and your diagnostic, it's appreciated. I've fixed the permissions on /etc/raddb/certs by changing it to 770. A new version freeradius-2.1.1-2 has been built in rawhide.

Note You need to log in before you can comment on or make changes to this bug.