Date: Wed, 12 Jan 2000 01:55:52 GMT From: Salvo Bartolotta <bartequi@nojunk.com> To: "eric@etcomp.com" <eric@etcomp.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: how to let a user use PPP -- followup: mea culpa Message-ID: <20000112.1555200@bartequi.ottodomain.org> References: <387BB4D5.C4EACA81@etcomp.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<< On 1/11/00, 11:55:17 PM, "eric@etcomp.com" <eric@etcomp.com> wrote regarding how to let a user use PPP: > hi., i'm wondering., how do i let a regular user., use PPP to dial to > the ISP.. MSN. thanks i don't like to dialup using root ., ya know > -- > . > 'i trust i can rely on your vote' > -radiohead [http://radiohead.co.uk] Dear Eric, I wrote a little too quickly and I stated something slightly inexact (lapsus calami) :-( Here it goes ... you have two options (kernel and user PPP). Please try both as an exercise :-) They are described in the docs (yet again !). Hint I (kernel PPP) You migh wish to define a /etc/ppp/peers and write an /etc/ppp/peers/your_options(for your isp) file in which ... ---------------------------------------------------------------- From pppd(8): FILES /var/run/pppn.pid (BSD or Linux), /etc/ppp/pppn.pid (oth- ers) Process-ID for pppd process on ppp interface unit n. /etc/ppp/pap-secrets Usernames, passwords and IP addresses for PAP authentication. This file should be owned by root and not readable or writable by any other user. Pppd will log a warning if this is not the case. 22 PPPD(8) PPPD(8) /etc/ppp/chap-secrets Names, secrets and IP addresses for CHAP authenti- cation. As for /etc/ppp/pap-secrets, this file should be owned by root and not readable or writable by any other user. Pppd will log a warn- ing if this is not the case. /etc/ppp/options System default options for pppd, read before user default options or command-line options. ~/.ppprc User default options, read before /etc/ppp/options.ttyname. /etc/ppp/options.ttyname System default options for the serial port being used, read after ~/.ppprc. In forming the ttyname part of this filename, an initial /dev/ is stripped from the port name (if present), and any slashes in the remaining part are converted to dots. =3D=3D=3D=3D> /etc/ppp/peers A directory containing options files which may con- tain privileged options, even if pppd was invoked by a user other than root. The system administra- tor can create options files in this directory to permit non-privileged users to dial out without requiring the peer to authenticate, but only to certain trusted peers. /etc/ppp/ppp.deny Lists users who may not use the system password PAP authentication. /etc/ppp/ppp.shells Lists user shells which are approved for system password PAP authentication logins. ----------------------------------------------------------------- I used the chat program for my homebox. You can use whatever program you like :-) It is the /etc/ppp/peers/your_options file which contains, among other options, the reference to your chat file (i.e. the string connect '[omissis...] /etc/ppp/chat_your_isp` ). Both files don't need execution permissions. My hand slipped here :-( Next, I wrote some scripts (kernelppp-on, kernelppp-off ... )in /etc/ppp, so that I would run them as a user (member of the network group). I have given all this stuff the appropriate permissions, so that it can be used by the members of the network group. I can use both kernel and the follwing userland PPP as an ordinary user (network group). <pant,pant>. I hope I have given you an overall idea. It is more complicated to say than to do ... Actually, I worked this out by myself (handbook, man pages, trial and error etc.). There isn't, AFAIR, a step-by-step guide. The idea should be correct and works fairly well.=20 If it isn't, I will certainly be scolded soon :-)) Hint II (user PPP) You migh wish to add a "allow users my_user1 my_user2 ... " in /etc/ppp/ppp.conf. Your "Internet" users should belong to the network group. Read the archives, too ! ;-) Both PPP seem to work well for me. Best regards, Salvo N.B. myjokingdomain =3D=3D=3D> neomedia.it to e-mail to me. ******************************* * * * Windows: brain-dead limits * * BeOS: limited apps * * Linux: unlimited (mindset) * * FreeBSD: no limits * * * ******************************* To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000112.1555200>