Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 7 May 1999 14:34:57 +0400 (MSD)
From:      Danil Shebunin <daktaklakpak@public.mtu.ru>
To:        Brian Somers <brian@Awfulhak.org>
Cc:        freebsd-questions@FreeBSD.org, freebsd-hackers@FreeBSD.org
Subject:   Re: Kernel PPP (PPPD): ip-up & ip-down scripts execution 
Message-ID:  <Pine.BSF.4.05.9905071343040.314-100000@free-bsd.space>
In-Reply-To: <199905070732.IAA10146@keep.lan.Awfulhak.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Fri, 7 May 1999, Brian Somers wrote:

> Your best bet is to run pppd as root.  Alternatively, use user-ppp 
> and the ``set filter'' command.
> 

In my situation I can't run pppd as root. Furthermore, pppd have owner
root and group bin and have setuid bit set (I understand so, it must run
as root).

You ask: Why I can't run pppd as root? I have create a special account on
gate machine. Inernet users may login with this account via telnet and
remotely manage pppd work, view connection info, statistics, e.t.c. And
pppd doing well with this account, no 'Permission denied' or other things.

And finally - the cut from man 8 pppd:
"[...] The scripts (ip-up, ip-down and others - D.S.) are executed as
root (with the real and effective user-id set to 0), so that they can do
things such as update routing tables or run privileged daemons. [...]"
I don't see any obstructions to run ipfw from ip-up script - but it don't
run. I do 'ipfw show' and it shows me firewall rules after machine boot,
not the ones, I set in ip-up.

And user ppp... Well, I think it will be harder to manage user ppp daemon
from scripts.

Maybe it's a bug: in pppd or in my head?

P.S. PLEASE! PLEASE! PLEASE!
Reply to my e-mail - I have not subscribed to these maillists.

-- 
===---===---===---===---===---===
Have a nice CONNECT!
Dan (daktaklakpak@public.mtu.ru)
===---===---===---===---===---===




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9905071343040.314-100000>