|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Okay, added the group modem, changed permissions. One note on a command
that the params were backwards for me. I changed this:
usermod john -G modem # add user john to group modem
to this:
usermod -G modem john # add user john to group modem
Then it worked fine for me.
I was able to get past the suid error in KPPP, but not able to get it to
try and connect. The error it gives is cannot create modem lock file.
I know what its talking about - KPPP does do locking and I used to know
where that file was. I think I need to do the same changes to that lock
file that I did to pppd, only, I couldn't find the freakin' file.
Anyone know where its located??
TIA,
-john
Darxus wrote:
>
> On Mon, 13 Mar 2000, Luis Baars wrote:
>
> > # chgrp modem pppd <enter>
> > # chmod 4750 pppd <enter>
>
> You'll probably also need to
>
> # chgrp modem <whatever /dev/modem is simlinked to>
> # chmod g+rw <whatever /dev/modem is simlinked to>
>
> I believe I tried setting this up so non-root users could start ppp, and
> failed. But it was a long time ago. And Mouse had his sun box set up to
> do that... eons ago.. it has to be doable.
>
> Oh... wait... I think pppd needs to be run as root.
>
> http://www.linuxdoc.org/HOWTO/PPP-HOWTO-6.html#ss6.6
> 6.6 PPP and root Privileges
> As establishing a PPP link between you Linux computer and another PPP
> server requires manipulation of network devices (the PPP interface is a
> network interface) and the kernel routing table, pppd requires root
> privileges.
>
> Yup...
>
> So forget what both of us just said. So if you want to run pppd as a non
> root user, you'll need to run it suid root. This should work.. let me
> know (based on redhat manpages):
>
> chown root /usr/sbin/pppd # dunno who else it'd be owned by, but make sure
> chmod u+s /usr/sbin/pppd # so that it executes suid root
> groupadd modem # create group modem
> chgrp modem /usr/sbin/pppd # change group ownership of pppd
> chmod o-x /usr/sbin/pppd # remove execute rights for non user/group
> usermod john -G modem # add user john to group modem
>
> I still think it's better to just run pppd as root :)
>
> > I hate having to su to root everytime I want to start something like pppd.
> > This should give you the flexibility of running a root program without
> > creating a big huge security hole.
>
> That's why I leave root logged in on vt1, so I can just alt-f1.
> __________________________________________________________________
> PGP fingerprint = 03 5B 9B A0 16 33 91 2F A5 77 BC EE 43 71 98 D4
> darxus@op.net / http://www.op.net/~darxus
> Chaos reigns.
>
> ______________________________________________________________________
> Philadelphia Linux Users Group - http://plug.nothinbut.net
> Announcements - http://lists.nothinbut.net/mail/listinfo/plug-announce
> General Discussion - http://lists.nothinbut.net/mail/listinfo/plug
______________________________________________________________________
Philadelphia Linux Users Group - http://plug.nothinbut.net
Announcements - http://lists.nothinbut.net/mail/listinfo/plug-announce
General Discussion - http://lists.nothinbut.net/mail/listinfo/plug
|
|