[Cooker] kppp missing when installing a networking client
Hi! I think kppp should be standard when installing a network client. It is the only modem setup utility that has been working for me (except some redhat utility, but that is another story). keld
Re: [Cooker] kppp and suid
> It seems that pppd can't be run as non-root user. > I've tried and pppd writes the following to syslog: > "/usr/sbin/pppd: must be root to run /usr/sbin/pppd, since it is not > setuid-root" Errm, perhaps I was wrong, I tried to set device on pppd command line ... But a strace on pppd gave this : geteuid32() = 501 write(2, "/usr/sbin/pppd: must be root to "..., 80/usr/sbin/pppd: must be root to run /usr/sbin/pppd, since it is not setuid-root Shouldn't geteuid32() return 0 since geteuid() returns the effective user ID of the current process. The effective ID corresponds to the set ID bit on the file being executed, so root with pppd. -- Olivier Blin
Re: [Cooker] kppp and suid
> pppd running as root != pppd running by root yes > The only way to dial up for user is to use peer scripts and having > pppd setuid root. This way pppd can be started by user, since pppd > call is not a priviliged option. :) It seems that pppd can't be run as non-root user. I've tried and pppd writes the following to syslog: "/usr/sbin/pppd: must be root to run /usr/sbin/pppd, since it is not setuid-root" But pppd is setuid root ... $ ls -l /usr/sbin/pppd -rwsr-xr-t1 root root 221656 aoû 13 12:03 /usr/sbin/pppd -- Olivier Blin
Re: [Cooker] kppp and suid
Am Samstag, 16. August 2003 22:37 schrieb Olivier Blin: > > > kppp has root suid, is it really necessary ? > > > pppd has already root suid, shouldn't it be be enough ? > > > > no, since kppp needs to write into /etc/ppp/* > > Does it really need to write there ? > No way to use ~/.ppprc only ? > > I've noticed that all dialers use /var/lock/LCK..ttyS? files. > So they must be run as root. > This prevent for example wvdial to be run as non-root user. Well nothing to discuss here. pppd running as root != pppd running by root The only way to dial up for user is to use peer scripts and having pppd setuid root. This way pppd can be started by user, since pppd call is not a priviliged option. :) Steffen
Re: [Cooker] kppp and suid
> > kppp has root suid, is it really necessary ? > > pppd has already root suid, shouldn't it be be enough ? > no, since kppp needs to write into /etc/ppp/* Does it really need to write there ? No way to use ~/.ppprc only ? I've noticed that all dialers use /var/lock/LCK..ttyS? files. So they must be run as root. This prevent for example wvdial to be run as non-root user. -- Olivier Blin
Re: [Cooker] kppp and suid
Am Samstag, 16. August 2003 21:20 schrieb Diego Iastrubni: > בשבת, 16 באוגוסט 2003, 21:25, Steffen Barszus כתב: > > Am Samstag, 16. August 2003 19:13 schrieb Olivier Blin: > > > Hi > > > > > > kppp has root suid, is it really necessary ? > > > pppd has already root suid, shouldn't it be be enough ? > > > > pppd setuid root => pppd has access to all files it needs as well as > > devices and is able to set the route > > kppp setuid root => using pppd as you were root, needed since using pppd > > as user you have only limited access to pppd. you can only dial with > > peerscripts and not set priviliged options. So kppp not running setuid > > root would result in not beeing able to use it at all. > > > > Steffen > > but if kppp is run as normal user, and then it invokes pppd which is suid > root, then pppd will become root no? What I mean is the following (man pppd): As indicated above, some security-sensitive options are privileged, which means that they may not be used by an ordinary non-privileged user running a setuid-root pppd, either on the command line, in the user's ~/.ppprc file, or in an options file read using the file option. Privileged options may be used in /etc/ppp/options file or in an options file read using the call option. If pppd is being run by the root user, privileged options can be used without restriction. If pppd is setuid root it has access as if it is root, but it is not run as if root has started it. Steffen
Re: [Cooker] kppp and suid
בשבת, 16 באוגוסט 2003, 21:25, Steffen Barszus כתב: > Am Samstag, 16. August 2003 19:13 schrieb Olivier Blin: > > Hi > > > > kppp has root suid, is it really necessary ? > > pppd has already root suid, shouldn't it be be enough ? > > pppd setuid root => pppd has access to all files it needs as well as > devices and is able to set the route > kppp setuid root => using pppd as you were root, needed since using pppd as > user you have only limited access to pppd. you can only dial with > peerscripts and not set priviliged options. So kppp not running setuid root > would result in not beeing able to use it at all. > > Steffen but if kppp is run as normal user, and then it invokes pppd which is suid root, then pppd will become root no? -- - diego _ / Come, landlord, fill the flowing bowl \ | until it does run over, Tonight we will | | all merry be -- tomorrow we'll get | | sober. -- John Fletcher, "The Bloody| \ Brother", II, 2 / - \ ^__^ \ (xx)\___ (__)\ )\/\ U ||w | || || Please avoid sending me Word or PowerPoint attachments. See http://www.fsf.org/philosophy/no-word-attachments.html
Re: [Cooker] kppp and suid
Am Samstag, 16. August 2003 19:13 schrieb Olivier Blin: > Hi > > kppp has root suid, is it really necessary ? > pppd has already root suid, shouldn't it be be enough ? pppd setuid root => pppd has access to all files it needs as well as devices and is able to set the route kppp setuid root => using pppd as you were root, needed since using pppd as user you have only limited access to pppd. you can only dial with peerscripts and not set priviliged options. So kppp not running setuid root would result in not beeing able to use it at all. Steffen
Re: [Cooker] kppp and suid
On Saturday 16 August 2003 19:51, Diego Iastrubni wrote: > > Hi > > > > kppp has root suid, is it really necessary ? > > pppd has already root suid, shouldn't it be be enough ? > > no, since kppp needs to write into /etc/ppp/* what about using a group for this ? /etc/ppp/ could be group writeable, and kppp sgid to this group. -- Michaël Scherer
Re: [Cooker] kppp and suid
בשבת, 16 באוגוסט 2003, 20:13, Olivier Blin כתב: > Hi > > kppp has root suid, is it really necessary ? > pppd has already root suid, shouldn't it be be enough ? no, since kppp needs to write into /etc/ppp/* -- - diego _ / Never lie down with a woman who's got \ | more troubles than you -- Murphy's Laws | \ on Sex n°39 / - \ ^__^ \ (xx)\___ (__)\ )\/\ U ||w | || || Please avoid sending me Word or PowerPoint attachments. See http://www.fsf.org/philosophy/no-word-attachments.html
[Cooker] kppp and suid
Hi kppp has root suid, is it really necessary ? pppd has already root suid, shouldn't it be be enough ? -- Olivier Blin
Re: [Cooker] kppp messing up CHAP logins?
On Mon, 2002-08-12 at 19:32, Crispin Boylan wrote: > Hi > i've tried to use kppp with BTOpenworld here in the uk (it uses CHAP > authentication) but no matter what I do, it won't connect. However, my > other ISP Easynet which uses PAP for authentication connects perfectly > everytime. > > using just the normal pppd scripts works fine for both its only in kppp > that problems occur..incidently with Easynet CHAP and PAP is supported > and CHAP doesnt work for easynet in kppp either, whilst using pppd > scripts with it and chap work fine as well. > It works fine for me. I use kppp to connect to BTInternet, so don't think it's a general issue. ian.
[Cooker] kppp messing up CHAP logins?
Hi i've tried to use kppp with BTOpenworld here in the uk (it uses CHAP authentication) but no matter what I do, it won't connect. However, my other ISP Easynet which uses PAP for authentication connects perfectly everytime. using just the normal pppd scripts works fine for both its only in kppp that problems occur..incidently with Easynet CHAP and PAP is supported and CHAP doesnt work for easynet in kppp either, whilst using pppd scripts with it and chap work fine as well. is this a mandrake/kde/ppp bug? kdenetwork-3.0.2-9mdk ppp-2.4.1-6mdk kdebase-3.0.2-28mdk kdelibs-3.0.2-16mdk cheers cris.
Re: [Cooker] kppp and wrong permission on /etc/resolv.conf
I posted this to the KDE bug system, but so far no feed back. Owen On Saturday 25 Aug 2001 4:03 pm, you wrote: > Hi all, > is someone fixing that boring bugs on kppp? Each time kppp starts, files > /etc/resolve.conf has permission > > -rw---rootWHO_USED_KPPP resolv.conf > > C.
[Cooker] kppp and wrong permission on /etc/resolv.conf
Hi all, is someone fixing that boring bugs on kppp? Each time kppp starts, files /etc/resolve.conf has permission -rw--- rootWHO_USED_KPPP resolv.conf C.
RE: [Cooker] kppp problem
> > Yes, I reported this a few days ago to the kde bug system. When kppp drops > the connection it changes the permisions on /etc/resolv.conf to "-r--- > - > root root" so mere mortals cannot even read it. I now keep a root console > open just to reset the permissions on the file !!! It all works then. > Actually it is "root ". Which does change the fact that it is root-only readable. -andrej
Re: [Cooker] kppp problem
Yes, I reported this a few days ago to the kde bug system. When kppp drops the connection it changes the permisions on /etc/resolv.conf to "-r root root" so mere mortals cannot even read it. I now keep a root console open just to reset the permissions on the file !!! It all works then. Owen On Wednesday 22 Aug 2001 8:25 pm, you wrote: > As I just joined the list, I don't know if this problem has been brought up > before. I am having a problem with kppp going in and changing perms on > /etc/resolv.conf to 600. Then neither kppp nor the browsers are able to > access /etc/resolv.conf. Anybody aware of whats going on here? > > Thanks, > > George Mitchell > [EMAIL PROTECTED]
[Cooker] kppp problem
As I just joined the list, I don't know if this problem has been brought up before. I am having a problem with kppp going in and changing perms on /etc/resolv.conf to 600. Then neither kppp nor the browsers are able to access /etc/resolv.conf. Anybody aware of whats going on here? Thanks, George Mitchell [EMAIL PROTECTED]
[Cooker] kppp and PCI modem (/dev/ttyS4) problem
As you know :-) serial driver enumerates PCI modems starting with ttyS4 (COM5) leaving first four COM ports reserved for legacy devices. Because devfs won't remember my /dev/modem :-) I decided ti reconfigure kppp to use /dev/ttyS4. It turned out, it suggests only /dev/ttyS{0-3} *or* /dev/modem. Cool, is not it? It makes me wonder what happens if I use draknet to configure higher ports (it allows 8 ports). Anyway - anybody cares to fix kppp to allow higher port numbers? -andrej
[Cooker] kppp issue
I tried inputing a new account into kppp and I could not get it to work for me... kept getting errors. But accounts I had previously set up worked fine. I went to $HOME/.kde/share/config/kppprc to search for any differences and noticed that the one that did not work was set to Authentication=0 while the ones that worked were set to Authentication=1. I made that change and it worked properly. = SI Reasoning [EMAIL PROTECTED] gnupg/pgp key id 035213BC __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/
[Cooker] kppp does not disconnect on exiting X
Hello, kppp does not disconnect when exiting X (and it doesn't matter whether the 'disconnect on X server shutdown' is checked or not). Owen
Re: [Cooker] KPPP
On Sun, 08 Oct 2000, Christopher Molnar wrote: > On Thu, 05 Oct 2000, Prana wrote: > > Hiya, > > KPPP doesn't dock anymore. I missed KDE1 when KPPP can dock into the > > panel when it dials up. Note that I didn't try this yet on 1.99 > > though... > > kppp ---> setup ---> misc tab and select dock on connect. > You also need to add the System Tray applet to your panel. -- -- Peter Ruskin <[EMAIL PROTECTED]> Wrexham, UK KDE - the professionals' choice --
Re: [Cooker] KPPP
What's the button that seems to be below quit on disconnect in kppp misc options? on mine I can barely see the top of a button. On Sun, 08 Oct 2000, you wrote: > > > KPPP doesn't dock anymore. I missed KDE1 when KPPP can dock into the > > > panel when it dials up. Note that I didn't try this yet on 1.99 > > > though... > > > > kppp ---> setup ---> misc tab and select dock on connect. > > I think you're wrong. KDE2 doens't support docking of KDE1-Apps. > (But perhaps kppp is ready for KDE2, I didn't test this...) > > I also would like to repeat what I already wrote twice but never got an > answer: In 7.2beta3, a kppp link appears on the KDE2-Desktop captionned > "Internet". I think this is no good since people without a modem cannot > dial with kppp. Any answers?
Re: [Cooker] KPPP
> > KPPP doesn't dock anymore. I missed KDE1 when KPPP can dock into the > > panel when it dials up. Note that I didn't try this yet on 1.99 > > though... > > kppp ---> setup ---> misc tab and select dock on connect. > I think you're wrong. KDE2 doens't support docking of KDE1-Apps. (But perhaps kppp is ready for KDE2, I didn't test this...) I also would like to repeat what I already wrote twice but never got an answer: In 7.2beta3, a kppp link appears on the KDE2-Desktop captionned "Internet". I think this is no good since people without a modem cannot dial with kppp. Any answers?
Re: [Cooker] KPPP
On Thu, 05 Oct 2000, Prana wrote: > Hiya, > KPPP doesn't dock anymore. I missed KDE1 when KPPP can dock into the > panel when it dials up. Note that I didn't try this yet on 1.99 > though... kppp ---> setup ---> misc tab and select dock on connect. -Chris
[Cooker] KPPP
Hiya, KPPP doesn't dock anymore. I missed KDE1 when KPPP can dock into the panel when it dials up. Note that I didn't try this yet on 1.99 though... -- Prana <[EMAIL PROTECTED]> http://www.cyest.org My GnuPG Key ID: 0x33343FD3 (2000-07-21) Key fingerprint = F1FB 1F76 8866 0F40 A801 D9DA 6BED 6641 3334 3FD3 http://blackhole.pca.dfn.de:11371/pks/lookup?op=get&search=0x33343FD3
[Cooker] kppp command line failure reproducible error
Latest kppp in kdenetwork seems to suffer a reproducible bug. I have multiple dial-up ISPs and have connected with ISP1 and then disconnected, if I try to connect with ISP2 using the command line option kppp -c ISP2 it fails. It appears to confuse the last used ISP connection with the command line one. I'm not sure if it's trying to pass the wrong password or authentication type but repeatedly fails. _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com.
Re: [Cooker] kppp doesnt work with normal user (kde2 beta 4)
It is known problem. There was discussion on KDE-User list concerning this appx. 2 weeks ago. Unfortunately, I was the only Mandrake user, and proposed solution was not working for me (edit pam file for kppp) Take a look on kde-user archieve. Vadim On Thu, 31 Aug 2000, Andrew Kirrage wrote: | | When logged on as a normal user( not root), kppp doesnt work in the | current kde2 beta . Firstly it says 'unable to open lock file'. Then when I | untick the use lock file box it says 'unable to open modem' | | Thanks | | Andrew Content-Type: text/html; name="unnamed" Content-Transfer-Encoding: quoted-printable Content-Description: -- Vadim Plessky
[Cooker] kppp doesnt work with normal user (kde2 beta 4)
When logged on as a normal user( not root), kppp doesnt work in the current kde2 beta . Firstly it says 'unable to open lock file'. Then when I untick the use lock file box it says 'unable to open modem' Thanks Andrew
Re: [Cooker] Kppp and some permissions problems
Civileme <[EMAIL PROTECTED]> writes: > Custom > > Low Security > > Passwoeds were activated. > > User gets message that suid bit not set in pppd and kppp cannot run > please contact system administrator > > OK > > pppd suid bit set with chmod. > > User now hangs on "cannot create lock file" and "cannot open modem" > > This may need some attention before release. > > Civileme you have tried an older version. i just tried it, it works nice. -- Guillaume Cottenceau
Re: [Cooker] Kppp and some permissions problems
Civileme <[EMAIL PROTECTED]> writes: > Custom > > Low Security > > Passwoeds were activated. > > User gets message that suid bit not set in pppd and kppp cannot run > please contact system administrator > > OK > > pppd suid bit set with chmod. > > User now hangs on "cannot create lock file" and "cannot open modem" chmod +s /usr/bin/kppp > This may need some attention before release. sure. > > Civileme > > > > -- > BETA-testing Netscape 6 > and its mailer > > -- Guillaume Cottenceau
[Cooker] Kppp and some permissions problems
Custom Low Security Passwoeds were activated. User gets message that suid bit not set in pppd and kppp cannot run please contact system administrator OK pppd suid bit set with chmod. User now hangs on "cannot create lock file" and "cannot open modem" This may need some attention before release. Civileme -- BETA-testing Netscape 6 and its mailer
[Cooker] KPPP Desktop Icon (as user) is not displaying.
Kppp Desktop Icon (as user) is not displaying.