KPPP can't connect if I'm not root
I've got a strange problem, if I run KPPP by user it seems to connect correctly but I can't do anything cause applications (browsers, xchat, ping..) behave like I'm not connected.
If I run KPPP by root, it connects correctly and I also can use my connection. This are my kppp/pppd permissions: Code:
sid:/home/sly# ls -l /usr/bin/kppp && ls -l /usr/sbin/pppd My modem is 56K /dev/ttyS0 Thank you |
|
Thanks, but I don't have any file "/etc/pam.d/kppp"
I just have a /etc/pam.d/ppp: #%PAM-1.0 # Information for the PPPD process with the 'login' option. auth required pam_nologin.so @include common-auth @include common-account @include common-session Maybe it's because I'm running debian, not red hat :confused: |
Seems to me that if the regular users can connect, but the connection won't work, maybe it is that they can't write to your /etc/resolv.conf. This is where your DNS servers are stored. If you connect as a regular user, what is in this file? As root? You might try giving rw to the group your user in in for this file.
The old fallback chmod u+s /usr/sbin/kpppd should work, but I am always looking for better. RO |
SUID bit is already active per kppp and pppd; /etc/resolv.conf is now rw for everyone.
Before this Monday everything worked correctly, I don't know how now things are so bad... btw those are file informations: sid:~# ls -l /usr/bin/kppp && ls -l /usr/sbin/pppd && ls -l /etc/resolv.conf -rwsrwxrwx 1 root dip 480728 2003-08-03 03:44 /usr/bin/kppp -rwsr-xr-- 1 root dip 277624 2003-10-06 20:26 /usr/sbin/pppd -rw-rw-rw- 1 root sly 84 2003-10-21 19:34 /etc/resolv.conf |
Uhm /etc/resolv.conf returns to -rw-r--r-- even if I set -rw-rw-rw- ... :O
|
What is in the file when you connect as root, then what is in the file when you
connect as a regular user? RO |
/etc/resolv.conf is empty when I'm connected as user, and it contains dns when I'm connected as root :study:
|
Cool. That explains it.
ls -l pppd -rwsrwsrwx 1 root root 213202 Jul 22 2002 pppd I think this is the process that allows the write to /etc/resolve/conf chmod 774 /usr/sbin/pppd should do it if the user is in root's group, if not, you will want to chmod 777 /usr/sbin/pppd See, you assume root when you start kppp, but when root spawns pppd, it works, but you don't have roots priveledge to change your /etc/resolv.conf Someone else may know more details, but I think this should work. RO |
I use this method:
1. Add a new group - dialout 2. Add users who want to use kppp to the group 3. set the permissions : chown root.dialout /usr/sbin/kppp chmod 4750 /usr/sbin/kppp cd /usr/bin rm kppp ln -s /usr/sbin/kppp 4. Create a file /etc/kppp.allow and add users, (who are authorised to do the dialup; user1 in our case) one on each line. There's NO need to add root user here. You can use # for comments. Spaces are also allowed. 5. create a file /etc/ppp/options if not already present |
I changed permissions of pppd to 777 and now it shows like this:
sid:/home/sly# ls -l /usr/sbin/pppd -rwsrwxrwx 1 root dip 277624 2003-10-06 20:26 /usr/sbin/pppd How can I set suid bit for user too? you have -rwsrwsrwx It still doesn't work for now :( @ codec: in file /etc/kppp.allow the user name should be "sly" or user1? thank you |
All times are GMT -5. The time now is 06:35 AM. |