[lug] Scripting PPP

Charles Morrison cmorrison at info2000.net
Mon May 8 15:52:21 MDT 2000


On Mon, 08 May 2000, you wrote:
> I was doing further research on the issue...you brought up compelling
> points. I happened across this document and it suggests that sudo would
> be the best way because you have to have root privleges to start/stop
> the session. Are you saying that you somehow found a way around the
> setuid issue? If you have a minute, would you mind reading the bottom of
> the page at this link and giving me your opinion? 
> http://www.linuxdoc.org/HOWTO/PPP-HOWTO-11.html#root
> 
> Much thanks.

Somewhere along the line you will need to have a setuid process running in
order to make all the changes happen when you connect if you run your script as
anyone but root. However, as the document you refer to mentions, this is
happening at the /usr/bin/pppd level, not in your script permissions.

Your link mentions the approach I was talking about towards the end of the
page, with a group "PPP" which has permissions to execute the suid program
/usr/sbin/pppd and the non-suid programs ppp-on and ppp-off. 

The sudo approach is another option. I've not used it myself. 











> 
> Charles Morrison wrote:
> > 
> > Personally, I would be more paraniod. I'd create a priviledged group that can
> > connect using ppp0 and use a non-root user for the script. It wasn't too long
> > ago, maybe still is with some distros, that this was about the only way I
> > could use ppp without being root. I'm sure there were others, but It was how I
> > did it.
> 
> -- 
> 
> ----
> Kyle Moore
> UNIX Systems Administrator
> ---------------------------------------
> Trust Company of America / Gemisys
> 7103 South Revere Parkway
> Englewood, CO 80112
> ---------------------------------------
> Email: kmoore at trustamerica.com
> Voice: 303-705-6212
> Pager: 303-656-1131
> Fax: 303-705-6171
> Web Site: http://www.trustamerica.com                
> ---------------------------------------
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
-- 
Chuck Morrison
VA Linux - Western Region
Sr Systems Engineer




More information about the LUG mailing list