LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (http://www.linuxquestions.org/questions/linux-general-1/)
-   -   givng permission to kppp, process manager and etc (http://www.linuxquestions.org/questions/linux-general-1/givng-permission-to-kppp-process-manager-and-etc-128573/)

demmylls 12-24-2003 01:56 AM

givng permission to kppp, process manager and etc
 
how to give permission to normal user so that that user dont need keyin the root password everytime start kppp, process manager(when want to end process got stuck when it asked me for root password).

how to give permission to programs/utilitites that need root password?

DavidPhillips 12-25-2003 09:06 PM

sudo is my prefered method.

There are a couple of things to know about RedHat and kppp. The command that's resides in /usr/bin/kppp will open a prompt using console helper. This is using the file setup for kppp in /etc/pam.d/. If you wish to use sudo then you need to bypass or replace the link in /usr/bin/ named kppp.

The easiest thing to do is probably to simply replace the link.

rm /usr/bin/kppp
ln -s /usr/sbin/kppp /usr/bin/kppp

or

ln -sf /usr/sbin/kppp /usr/bin/kppp

Or leave it as is and run the command /usr/sbin/kppp


In order to use sudo you want to setup the line for kppp in your /etc/sudoers file

To do that you need to use visudo, you need to know how to use vi.


/etc/sudoers file

# Cmnd alias specification
Cmnd_Alias KPPP=/usr/bin/kppp

or, if you left the consolehelper link in /usr/bin/kppp

# Cmnd alias specification
Cmnd_Alias KPPP=/usr/sbin/kppp

allow the users group to run kppp without password

%kpppusers zeus=NOPASSWD:KPPP


note:
zeus is my hostname
kpppusers is a group name

You will need to create such a group if you don't already have one, and add your users to it. It can be any group you want. To seperate permissions amoung users and resources I would create a new group to use.

groupadd kpppusers
gpasswd -a david kpppusers



Now to use it the user would run kppp like this..


sudo /usr/bin/kppp

or

sudo /usr/sbin/kppp



Without entering path:

If you replace the link then kppp will be in the users path and you can use ..

sudo kppp

If you do not replace the link then

sudo kppp

will still be trying to run the console helper

DavidPhillips 12-25-2003 10:11 PM

Other considerations.

The sudo method may not be your best choice. It depends on your system usage. The sudo method will cause kppp to use a global config file (root's). If you want the users to setup and use seperate connection settings and also prevent users from changing things that may cause problems for other users then you should not use sudo for kppp.

If that's the case you would do this..

ln -sf /usr/sbin/kppp /usr/bin/kppp

groupadd kpppusers
gpasswd -a david kpppusers

chmod 750 /usr/sbin/kppp
chown root.kpppusers /usr/sbin/kppp



Then the user can run kppp and set it up for themselves.



Note:

If the user is already logged in they will need to log off and back on to join the new group, or the user can run this ..

newgrp kpppusers
kppp

:)



If you want the user to be able to modify dns servers with kppp...

Note: this may also cause the firewall to need reconfiguring for the new dns servers if it's not setup to allow this.

chown root.kpppusers /etc/resolv.conf
chmod 664 /etc/resolv.conf
chown root.kpppusers /etc/ppp/resolv.conf
chmod 664 /etc/ppp/resolv.conf



If not set them manually, put them in your firewall scripts, then do this..

chown root.root /etc/resolv.conf
chmod 644 /etc/resolv.conf
chown root.root /etc/ppp/resolv.conf
chmod 644 /etc/ppp/resolv.conf


:Pengy: :Pengy:


All times are GMT -5. The time now is 08:59 AM.