From owner-freebsd-hackers  Fri Feb 12 19:18:25 1999
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id TAA18836
          for freebsd-hackers-outgoing; Fri, 12 Feb 1999 19:18:25 -0800 (PST)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from picnic.mat.net (b133.mat.net [206.246.122.133] (may be forged))
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id TAA18822
          for <freebsd-hackers@FreeBSD.ORG>; Fri, 12 Feb 1999 19:18:18 -0800 (PST)
          (envelope-from chuckr@mat.net)
Received: from localhost (chuckr@localhost)
	by picnic.mat.net (8.9.3/8.8.5) with ESMTP id WAA56286;
	Fri, 12 Feb 1999 22:16:27 -0500 (EST)
Date: Fri, 12 Feb 1999 22:16:27 -0500 (EST)
From: Chuck Robey <chuckr@mat.net>
To: Terry Lambert <tlambert@primenet.com>
cc: phoenix@calldei.com, netmonger@genesis.ispace.com,
        freebsd-hackers@FreeBSD.ORG
Subject: Re: ppp server side startup commands
In-Reply-To: <199902122340.QAA26002@usr01.primenet.com>
Message-ID: <Pine.BSF.4.05.9902122210320.317-100000@picnic.mat.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Fri, 12 Feb 1999, Terry Lambert wrote:

> >    Or you could do something entirely simpler.
> > 
> >    Write a shell script containing the line - make SURE you set the path
> > (i.e. do this:
> > 
> > PATH=/usr/bin:/usr/sbin:/sbin:/usr/local/bin
> > )
> > 
> >    Have root own it and make it setuid 0.  (chmod u+s yourscript)
> 
> Shell scripts aren't allowed to be SUID root.
> 
> 
> To solve the problem, though:
> 
> http://www.ietf.org/internet-drafts/draft-ietf-dhc-agent-options-05.txt
> 
> The PPP server should obtain IP addresses via DHCP.

Terry, these are static IPs (like I said).  Why would I want to get IP
numbers that I already know of?  I have to experiment with Brian's
solution (which bothers me much more, because it doesn't seem to give me
a chance to tell ppp what the additional IP number is).  I haven't yet
tested Brian's answer, but I was under the impression that DHCP was used
to ID machines;  wny would I want to ID a machine I already know of?

OTOH, thanks for the info about the script.  I was fairly sure the idea
of making any script suid was really wrong, I'd forgotten why that was
so.  I knew about the sudo suggestion, but using sudo just seems like a
security problem.

Just in case you forgot, the idea was, ON THE SERVER SIDE ONLY, to take
and allow for an extra static IP on the client side.  This meant one
more arp and one more route command one the server.  I can handle the
client side fine now.


----------------------------+-----------------------------------------------
Chuck Robey                 | Interests include any kind of voice or data 
chuckr@glue.umd.edu         | communications topic, C programming, and Unix.
213 Lakeside Drive Apt T-1  |
Greenbelt, MD 20770         | I run picnic (FreeBSD-current)
(301) 220-2114              | and jaunt (Solaris7).
----------------------------+-----------------------------------------------





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message