I recently installed freeradius using Yast,but wehen I tried to run it in a debug mode:
radiusd -X
it gives me this error message
Error reading dictionnary:dict_init:Couldn't open dictionnary "etc/raddb/dictionary:Permission denied"
any one can help me?
linux-96fa:/etc/raddb # radiusd -X
FreeRADIUS Version 2.1.8, for host i686-pc-linux-gnu, built on Mar 10 2010 at 14:34:31
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /etc/raddb/radiusd.conf
including configuration file /etc/raddb/proxy.conf
including configuration file /etc/raddb/clients.conf
including files in directory /etc/raddb/modules/
including configuration file /etc/raddb/modules/expr
including configuration file /etc/raddb/modules/pap
including configuration file /etc/raddb/modules/detail.log
including configuration file /etc/raddb/modules/ippool
including configuration file /etc/raddb/modules/files
including configuration file /etc/raddb/modules/counter
including configuration file /etc/raddb/modules/attr_rewrite
including configuration file /etc/raddb/modules/mac2vlan
including configuration file /etc/raddb/modules/inner-eap
including configuration file /etc/raddb/modules/smsotp
including configuration file /etc/raddb/modules/mschap
including configuration file /etc/raddb/modules/sradutmp
including configuration file /etc/raddb/modules/smbpasswd
including configuration file /etc/raddb/modules/checkval
including configuration file /etc/raddb/modules/attr_filter
including configuration file /etc/raddb/modules/pam
including configuration file /etc/raddb/modules/ldap
including configuration file /etc/raddb/modules/radutmp
including configuration file /etc/raddb/modules/perl
including configuration file /etc/raddb/modules/exec
including configuration file /etc/raddb/modules/cui
including configuration file /etc/raddb/modules/mac2ip
including configuration file /etc/raddb/modules/digest
including configuration file /etc/raddb/modules/chap
including configuration file /etc/raddb/modules/acct_unique
including configuration file /etc/raddb/modules/etc_group
including configuration file /etc/raddb/modules/unix
including configuration file /etc/raddb/modules/expiration
including configuration file /etc/raddb/modules/preprocess
including configuration file /etc/raddb/modules/echo
including configuration file /etc/raddb/modules/realm
including configuration file /etc/raddb/modules/detail
including configuration file /etc/raddb/modules/passwd
including configuration file /etc/raddb/modules/wimax
including configuration file /etc/raddb/modules/krb5
including configuration file /etc/raddb/modules/policy
including configuration file /etc/raddb/modules/ntlm_auth
including configuration file /etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /etc/raddb/modules/logintime
including configuration file /etc/raddb/modules/otp
including configuration file /etc/raddb/modules/sql_log
including configuration file /etc/raddb/modules/always
including configuration file /etc/raddb/modules/detail.example.com
including configuration file /etc/raddb/modules/linelog
including configuration file /etc/raddb/eap.conf
including configuration file /etc/raddb/policy.conf
including files in directory /etc/raddb/sites-enabled/
including configuration file /etc/raddb/sites-enabled/default
including configuration file /etc/raddb/sites-enabled/inner-tunnel
including configuration file /etc/raddb/sites-enabled/control-socket
main {
user = "radiusd"
group = "radiusd"
allow_core_dumps = no
}
including dictionary file /etc/raddb/dictionary
Errors reading dictionary: dict_init: Couldn't open dictionary "/etc/raddb/dictionary": Permission denied
linux-96fa:/etc/raddb # ls -l
total 204
-rw-r----- 1 root root 671 2010-03-10 09:35 acct_users
-rw-r----- 1 root root 4174 2010-03-10 09:35 attrs
-rw-r----- 1 root radiusd 513 2010-03-10 09:35 attrs.access_challenge
-rw-r----- 1 root root 458 2010-03-10 09:35 attrs.access_reject
-rw-r----- 1 root root 437 2010-03-10 09:35 attrs.accounting_response
-rw-r----- 1 root root 2022 2010-03-10 09:35 attrs.pre-proxy
drwxr-x--- 2 root radiusd 4096 2010-04-20 12:24 certs
-rw-r----- 1 root radiusd 6703 2010-03-10 09:35 clients.conf
-rw-r----- 1 root root 877 2010-03-10 09:35 dictionary
-rw-r----- 1 root radiusd 15045 2010-03-10 09:35 eap.conf
-rw-r----- 1 root radiusd 4609 2010-03-10 09:35 example.pl
-rw-r----- 1 root radiusd 12722 2010-03-10 09:35 experimental.conf
-rw-r----- 1 root root 2352 2010-03-10 09:35 hints
-rw-r----- 1 root root 1604 2010-03-10 09:35 huntgroups
-rw-r----- 1 root root 3173 2010-03-10 09:35 ldap.attrmap
drwxr-x--- 2 root radiusd 4096 2010-04-20 12:24 modules
-rw-r----- 1 root radiusd 2840 2010-03-10 09:35 policy.conf
-rw-r----- 1 root root 4873 2010-03-10 09:35 policy.txt
-rw-r----- 1 root radiusd 984 2010-03-10 09:35 preproxy_users
-rw-r----- 1 root radiusd 25971 2010-03-10 09:35 proxy.conf
-rw-r----- 1 root radiusd 27200 2010-03-10 09:35 radiusd.conf
drwxr-x--- 2 root root 4096 2010-04-20 12:24 sites-available
drwxr-x--- 2 root root 4096 2010-04-20 12:24 sites-enabled
drwxr-x--- 7 root radiusd 4096 2010-04-20 12:24 sql
-rw-r----- 1 root radiusd 3042 2010-03-10 09:35 sql.conf
-rw-r----- 1 root radiusd 2475 2010-03-10 09:35 sqlippool.conf
-rw-r----- 1 root radiusd 3450 2010-03-10 09:35 templates.conf
-rw-r----- 1 root radiusd 6524 2010-03-10 09:35 users
linux-96fa:/etc/raddb #
The radiusd user has no read permissions on dictionary. Look at the owner and group, they are root:root.
Thx a lot,that was perfect but I geting a new error message:
rlm_eap: SSL error error:0200100D:system library:fopen:Permission denied
rlm_eap_tls: Error reading certificate file /etc/raddb/certs/server.pem
rlm_eap: Failed to initialize type tls
/etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
/etc/raddb/sites-enabled/inner-tunnel[223]: Failed to find module "eap".
/etc/raddb/sites-enabled/inner-tunnel[176]: Errors parsing authenticate section.
got it work
I changed the ca.config permission (certs)
thx Ken_yap
bye