From: Nick Porter <nick@portercomputing.co.uk>
Date: Fri, 8 Nov 2024 08:23:18 +0000 (+0000)
Subject: Add RuntimeDirectoryPreserve=yes to systemd service definitions
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2f9363b6f5bd23fabd41d437f55acf7bea0e53fa;p=thirdparty%2Ffreeradius-server.git

Add RuntimeDirectoryPreserve=yes to systemd service definitions

Control socket virtual servers typically create files in the runtime
directory.
If this is not kept, FreeRADIUS can't be started in debug mode if those
virtual servers are enabled.
---

diff --git a/debian/freeradius.service b/debian/freeradius.service
index 8886fc894bb..e1db1e5cc86 100644
--- a/debian/freeradius.service
+++ b/debian/freeradius.service
@@ -46,6 +46,11 @@ RestartSec=5
 #  Don't elevate privileges after starting
 NoNewPrivileges=true
 
+# Control socket virtual servers typically create files in
+# the runtime directory.  If this is not kept, FreeRADIUS can't
+# be started in debug mode if those virtual servers are enabled.
+RuntimeDirectoryPreserve=yes
+
 # Allow binding to secure ports, broadcast addresses, and raw interfaces.
 #
 # As the process starts as an unprivileged user, we need to assign all capabilities that
diff --git a/redhat/radiusd.service b/redhat/radiusd.service
index 91d49b1dcfa..e203f531b1c 100644
--- a/redhat/radiusd.service
+++ b/redhat/radiusd.service
@@ -39,6 +39,11 @@ RestartSec=5
 #  Don't elevate privileges after starting
 NoNewPrivileges=true
 
+# Control socket virtual servers typically create files in
+# the runtime directory.  If this is not kept, FreeRADIUS can't
+# be started in debug mode if those virtual servers are enabled.
+RuntimeDirectoryPreserve=yes
+
 # Allow binding to secure ports, broadcast addresses, and raw interfaces.
 #
 # As the process starts as an unprivileged user, we need to assign all capabilities that