Some time ago I migrated my home dhcp server from isc to freeradius. Almost everything worked like a charm. The only thing were problems with arp table [1].
Then I ended with configuration: radius binary have set cap bits[2] radius is run from systemd as freerad user (it is important that "User=freerad" should be in unit file, not only radius config) the only thing is '/var/run/freeradius/' directory creation. Is it bad idea to make freeradius run as freerad user with capabilities enabled? KJ [1] I even filled bug reports https://bugzilla.kernel.org/show_bug.cgi?id=187791 [2] cap_net_admin=eip CAP_NET_RAW=eip CAP_NET_BIND_SERVICE=eip -- http://wolnelektury.pl/wesprzyj/teraz/ Everyone is a genius. It's just that some people are too stupid to realize it.
