From owner-freebsd-questions  Tue Jan 11 17:54:46 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from aragorn.neomedia.it (aragorn.neomedia.it [195.103.207.6])
	by hub.freebsd.org (Postfix) with ESMTP id 3C6BC14E10
	for <freebsd-questions@FreeBSD.ORG>; Tue, 11 Jan 2000 17:54:33 -0800 (PST)
	(envelope-from bartequi@nojunk.com)
Received: from bartequi.ottodomain.org (ppp9-pa4.neomedia.it [195.103.207.201])
	by aragorn.neomedia.it (8.9.3/8.9.3) with SMTP id CAA02835;
	Wed, 12 Jan 2000 02:54:19 +0100 (CET)
From: Salvo Bartolotta <bartequi@nojunk.com>
Date: Wed, 12 Jan 2000 01:55:52 GMT
Message-ID: <20000112.1555200@bartequi.ottodomain.org>
Subject: Re: how to let a user use PPP -- followup:  mea culpa
To: "eric@etcomp.com" <eric@etcomp.com>
Cc: freebsd-questions@FreeBSD.ORG
References: <387BB4D5.C4EACA81@etcomp.com>
X-Mailer: Supercalifragilis
X-Priority: 3 (Normal)
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<

On 1/11/00, 11:55:17 PM, "eric@etcomp.com" <eric@etcomp.com> wrote
regarding how to let a user use PPP:


> hi., i'm wondering., how do i let a regular user., use PPP to dial to
> the ISP.. MSN. thanks i don't like to dialup using root ., ya know
> --
> .
> 'i trust i can rely on your vote'
> -radiohead [http://radiohead.co.uk]


Dear Eric,

I wrote a little too quickly and I stated something slightly inexact
(lapsus calami) :-(

Here it goes ...

you have two options (kernel and user PPP).
Please try both as an exercise :-)

They are described in the docs (yet again !).

Hint I (kernel PPP)
You migh wish to define a /etc/ppp/peers and write an
/etc/ppp/peers/your_options(for your isp) file in which ...

----------------------------------------------------------------

From pppd(8):

FILES
       /var/run/pppn.pid (BSD or Linux), /etc/ppp/pppn.pid (oth-
              ers)
              Process-ID for pppd process on ppp  interface  unit
              n.

       /etc/ppp/pap-secrets
              Usernames,  passwords  and  IP  addresses  for  PAP
              authentication.  This file should be owned by  root
              and  not  readable  or  writable by any other user.
              Pppd will log a warning if this is not the case.




                                                               22





PPPD(8)                                                   PPPD(8)


       /etc/ppp/chap-secrets
              Names, secrets and IP addresses for CHAP  authenti-
              cation.   As  for  /etc/ppp/pap-secrets,  this file
              should  be  owned  by  root  and  not  readable  or
              writable  by any other user.  Pppd will log a warn-
              ing if this is not the case.

       /etc/ppp/options
              System default options for pppd, read  before  user
              default options or command-line options.

       ~/.ppprc
              User      default      options,     read     before
              /etc/ppp/options.ttyname.

       /etc/ppp/options.ttyname
              System default options for the  serial  port  being
              used,  read after ~/.ppprc.  In forming the ttyname
              part of this filename, an initial /dev/ is stripped
              from the port name (if present), and any slashes in
              the remaining part are converted to dots.

=3D=3D=3D=3D> /etc/ppp/peers
              A directory containing options files which may con-
              tain  privileged  options, even if pppd was invoked
              by a user other than root.  The system  administra-
              tor  can  create options files in this directory to
              permit non-privileged users  to  dial  out  without
              requiring  the  peer  to  authenticate, but only to
              certain trusted peers.

       /etc/ppp/ppp.deny
              Lists users who may not use the system password PAP
              authentication.

       /etc/ppp/ppp.shells
              Lists  user  shells  which  are approved for system
              password PAP authentication logins.

-----------------------------------------------------------------

I used the chat program for my homebox.
You can use whatever program you like :-)
It is the /etc/ppp/peers/your_options file which contains,
among other options, the reference to your chat file (i.e. the string
connect '[omissis...] /etc/ppp/chat_your_isp` ). Both files don't
need execution permissions. My hand slipped here :-(

Next, I wrote some scripts (kernelppp-on, kernelppp-off ... )in
/etc/ppp, so that I would run them as a user (member of the network
group).
I have given all this stuff the appropriate permissions,  so that it
can be used by the members of the network group. I can use both kernel
and the follwing userland PPP as an ordinary user (network group).

<pant,pant>.


I hope I have given you an overall idea.
It is more complicated to say than to do ...


Actually, I worked this out by myself (handbook, man pages, trial and
error etc.). There isn't, AFAIR, a step-by-step guide.
The idea  should be correct and works fairly well.=20
If it isn't, I will certainly be scolded soon :-))








Hint II (user PPP)
You migh wish to add a "allow users my_user1 my_user2 ... " in
/etc/ppp/ppp.conf.

Your "Internet" users should belong to the network group.
Read the archives, too ! ;-)

Both PPP seem to work well for me.

Best regards,
Salvo

N.B. myjokingdomain =3D=3D=3D> neomedia.it to e-mail to me.


  *******************************
  *                             *
  * Windows: brain-dead limits  *
  * BeOS: limited apps          *
  * Linux: unlimited (mindset)  *
  * FreeBSD: no limits          *
  *                             *
  *******************************





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message