Date: Fri, 28 Jul 2000 12:23:49 -0400 (EDT) From: Antoine@chemcomp.com, Beaupre@chemcomp.com To: FreeBSD-gnats-submit@freebsd.org Subject: conf/20258: Making user-PPP start as an arbitrary user instead of root Message-ID: <20000728162349.8B38983@sky.chemcomp.com>
next in thread | raw e-mail | index | archive | help
>Number: 20258
>Category: conf
>Synopsis: Making user-PPP start as an arbitrary user instead of root
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Fri Jul 28 09:40:03 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator: Antoine Beaupre
>Release: FreeBSD 4.0-RELEASE i386
>Organization:
Chemical Computing Group, Inc
>Environment:
FreeBSD sky.chemcomp.com 4.0-RELEASE FreeBSD 4.0-RELEASE #7: Tue Jun 27 16:42:57 EDT 2000 root@sky.chemcomp.com:/usr/src/sys/compile/SKY i386
>Description:
User PPP is started as the root user from rc.network. I added a
variable to make it start as an arbitrary user.
>How-To-Repeat:
Arg, the heck with it, here's the patch
>Fix:
Create a "ppp_user" variable which is the user under which ppp should
run. If set to "NO", no su(1) is performed, otherwise, instead of just
calling:
ppp ${ppp_command} -quiet ${ppp_profile}
it is called as
su -c "user" '${ppp_command}'
The meaning of ${ppp_command} is obviously changed, but it should not
interfere with anything else.
*** rc.conf.orig Fri Jul 14 10:54:54 2000
--- rc.conf Fri Jul 14 10:56:19 2000
***************
*** 77,82 ****
--- 77,83 ----
# For details see man page for ppp(8). Default is auto.
ppp_nat="YES" # Use PPP's internal network address translation or NO.
ppp_profile="papchap" # Which profile to use from /etc/ppp/ppp.conf.
+ ppp_user="NO" # Which user to start PPP with (or NO)
### Network daemon (miscellaneous) & NFS options: ###
syslogd_enable="YES" # Run syslog daemon (or NO).
*** rc.network.orig Fri Jul 14 10:56:33 2000
--- rc.network Fri Jul 14 11:26:25 2000
***************
*** 160,167 ****
;;
esac
! echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
! ;;
esac
# Initialize IP filtering using ipfw
--- 160,176 ----
;;
esac
! ppp_command="ppp ${ppp_command} -quiet ${ppp_profile}"
!
! echo -n 'Starting ppp: '
! case ${ppp_user} in
! [Nn][Oo])
! ${ppp_command};
! ;;
! *)
! su ${ppp_user} -c "${ppp_command}";
! ;;
! esac
esac
# Initialize IP filtering using ipfw
*** /usr/src/share/man/man5/rc.conf.5 Fri Mar 3 09:04:56 2000
--- /tmp/rc.conf.5 Fri Jul 28 12:20:18 2000
***************
*** 329,334 ****
--- 329,338 ----
.It Ar ppp_profile
(str) The name of the profile to use from
.Ar /etc/ppp/ppp.conf .
+ .It Ar ppp_user
+ (str) The name of the user under which ppp should be started. If set to
+ .Ar NO ,
+ ppp is started as the root user.
.It Ar rc_conf_files
(str) This option is used to specify a list of files that will override
the settings in
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000728162349.8B38983>