Fix crash when starting radiusd through systemd service

Resolves: #RHEL-116594
Signed-off-by: Antonio Torres <antorres@redhat.com>

freeradius-disable-jit-if-pcre-cant-allocate-memory.patch

@@ -0,0 +1,48 @@
+From 35a226a33aa8a18b892c0ee1c46ea9f69b42b411 Mon Sep 17 00:00:00 2001
+From: "Alan T. DeKok" <aland@freeradius.org>
+Date: Fri, 22 Aug 2025 07:13:26 -0400
+Subject: [PATCH] run-time disable JIT if PCRE can't allocate executable
+ memory.
+
+[antorres@redhat.com]: This patch will be included in FreeRADIUS 3.2.9.
+[antorres@redhat.com]: This patch has been modified to include the typo fix from 52fc9cd0b71848503fd3a3cdcb81d5440b890e09.
+---
+ src/lib/regex.c | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/src/lib/regex.c b/src/lib/regex.c
+index 67fd16b2b680..f4d631471bcb 100644
+--- a/src/lib/regex.c
++++ b/src/lib/regex.c
+@@ -152,11 +152,21 @@ ssize_t regex_compile(TALLOC_CTX *ctx, regex_t **out, char const *pattern, size_
+ 		 *	expressions that are going to be
+ 		 *	evaluated repeatedly.
+ 		 */
+-		if (do_jit) {
++		if (do_jit) do {
+ 			ret = pcre2_jit_compile(preg->compiled, PCRE2_JIT_COMPLETE);
+ 			if (ret < 0) {
+ 				PCRE2_UCHAR errbuff[128];
+ 
++				/*
++				 *	PCRE can do JIT, but this UID
++				 *	cannot allocate executable
++				 *	memory.  Stop trying to JIT things.
++				 */
++				if (ret == PCRE2_ERROR_NOMEMORY) {
++					do_jit = false;
++					break;
++				}
++
+ 				pcre2_get_error_message(ret, errbuff, sizeof(errbuff));
+ 				fr_strerror_printf("Pattern JIT failed: %s", (char *)errbuff);
+ 				talloc_free(preg);
+@@ -164,7 +174,7 @@ ssize_t regex_compile(TALLOC_CTX *ctx, regex_t **out, char const *pattern, size_
+ 				return 0;
+ 			}
+ 			preg->jitd = true;
+-		}
++		} while (0);
+ #endif
+ 	}
+ 

freeradius.spec

@@ -1,7 +1,7 @@
 Summary: High-performance and highly configurable free RADIUS server
 Name: freeradius
 Version: 3.2.8
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPL-2.0-or-later AND LGPL-2.0-or-later
 URL: http://www.freeradius.org/
 
@@ -32,6 +32,7 @@ Patch8: freeradius-configure-c99.patch
 Patch10: freeradius-no-sql-scripts.patch
 Patch11: freeradius-disable-openssl-engine.patch
 Patch12: freeradius-disable-perl-script.patch
+Patch13: freeradius-disable-jit-if-pcre-cant-allocate-memory.patch
 
 %global docdir %{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}}
 
@@ -219,6 +220,7 @@ This plugin provides the REST support for the FreeRADIUS server project.
 %patch 10 -p1
 %patch 11 -p1
 %patch 12 -p1
+%patch 13 -p1
 
 %build
 # Force compile/link options, extra security for network facing daemon
@@ -920,6 +922,11 @@ EOF
 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/mods-available/rest
 
 %changelog
+* Wed Sep 24 2025 Antonio Torres <antorres@redhat.com> - 3.2.8-2
+- Disable JIT if PCRE can't allocate executable memory
+- Fix warnings from service file
+  Resolves: RHEL-116594
+
 * Tue Sep 02 2025 Antonio Torres <antorres@redhat.com> - 3.2.8-1
 - Rebase to release 3.2.8
   Resolves: RHEL-107671

radiusd.service

@@ -4,8 +4,8 @@ After=syslog.target network-online.target ipa.service dirsrv.target krb5kdc.serv
 
 [Service]
 Type=forking
-PIDFile=/var/run/radiusd/radiusd.pid
-ExecStartPre=-/bin/chown -R radiusd.radiusd /var/run/radiusd
+PIDFile=/run/radiusd/radiusd.pid
+ExecStartPre=-/bin/chown -R radiusd:radiusd /run/radiusd
 ExecStartPre=/usr/sbin/radiusd -C
 ExecStart=/usr/sbin/radiusd -d /etc/raddb
 ExecReload=/usr/sbin/radiusd -C