From owner-freebsd-questions Fri May 7 3:37: 2 1999 Delivered-To: freebsd-questions@freebsd.org Received: from mtu.ru (ns.mtu.ru [195.34.32.10]) by hub.freebsd.org (Postfix) with ESMTP id D9CCB14E7C; Fri, 7 May 1999 03:36:57 -0700 (PDT) (envelope-from daktaklakpak@public.mtu.ru) Received: from dial57224.mtu-net.ru (dial57224.mtu-net.ru [195.34.57.224]) by mtu.ru (Postfix) with ESMTP id 078242E70; Fri, 7 May 1999 13:36:54 +0400 (MSK) Date: Fri, 7 May 1999 14:34:57 +0400 (MSD) From: Danil Shebunin X-Sender: danil@free-bsd.space To: Brian Somers Cc: freebsd-questions@FreeBSD.org, freebsd-hackers@FreeBSD.org Subject: Re: Kernel PPP (PPPD): ip-up & ip-down scripts execution In-Reply-To: <199905070732.IAA10146@keep.lan.Awfulhak.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Recipient: brian@Awfulhak.org X-Envelope-To: brian@Awfulhak.org Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, 7 May 1999, Brian Somers wrote: > Your best bet is to run pppd as root. Alternatively, use user-ppp > and the ``set filter'' command. > In my situation I can't run pppd as root. Furthermore, pppd have owner root and group bin and have setuid bit set (I understand so, it must run as root). You ask: Why I can't run pppd as root? I have create a special account on gate machine. Inernet users may login with this account via telnet and remotely manage pppd work, view connection info, statistics, e.t.c. And pppd doing well with this account, no 'Permission denied' or other things. And finally - the cut from man 8 pppd: "[...] The scripts (ip-up, ip-down and others - D.S.) are executed as root (with the real and effective user-id set to 0), so that they can do things such as update routing tables or run privileged daemons. [...]" I don't see any obstructions to run ipfw from ip-up script - but it don't run. I do 'ipfw show' and it shows me firewall rules after machine boot, not the ones, I set in ip-up. And user ppp... Well, I think it will be harder to manage user ppp daemon from scripts. Maybe it's a bug: in pppd or in my head? P.S. PLEASE! PLEASE! PLEASE! Reply to my e-mail - I have not subscribed to these maillists. -- ===---===---===---===---===---=== Have a nice CONNECT! Dan (daktaklakpak@public.mtu.ru) ===---===---===---===---===---=== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message