Re: kppp fails authentication for normal user

Thu, 13 Mar 2003 17:00:45 -0600 

On Thu, Mar 13, 2003 at 08:58:12PM +0100, Leopold Palomo Avellaneda wrote:
> A Dimarts 11 Març 2003 20:39, Achim Bohnet va escriure:
> 
> > FWIW:  I installed kppp on a host running KDE 2.2.2 and there kppp is
> > setuid root and setgid dip
> >
> > chandra(0) ~ # l /usr/bin/kppp
> > -rwsr-xr--    1 root     dip        447528 Jan  6 16:12 /usr/bin/kppp
> > chandra(0) ~ # dpkg -l kppp | tail -1
> > ii  kppp           2.2.2-14.6     PPP dialer for KDE
> > chandra(0) ~ #
> >
> > On 3.1 it's only setgid dip
> >
> > lapmara[0] ~ # l /usr/bin/kppp
> > -rwxr-sr--    1 root     dip        416648 Jan 19 17:43 /usr/bin/kppp
> > lapmara[0] ~ # dpkg -l kppp | tail -1
> > ii  kppp           3.1.0-0woody2  KDE dialer and frontend to pppd
> >
> > I have no analog modem at hand now to test if this fixes the problem.
> 
> IFAI no. I had a lot of problems. I had to do both approaches.
> 
> >
> > > I had two approaches:
> > >
> > > 1) Copy the user/passwd to chap/pap-secrets. (Achim idea)
> > >
> > > 2) Add the user to the dip and adm group. Kppp need to read
> > > /var/log/messages (Ralf pointed)
> >
> > I added to /etc/syslog.conf
> >
> >     local2.*                -/var/log/syslog.ppp
> >
> > chgrp dip /var/log/syslog.ppp
> >
> > Strange is: now all files are group adm again.  Maybe one has to tweek
> > syslog a bit more so group dip is also used for new files.
> >
> > But having acces to pppd messages in /var/log is not really necessary. 
> > It's just nice to get a grep ppd  with a single click ;)
> >
> > > Finally it works for me, but manually I had to add the resolv.conf
> > > parameters of the connexion to the /etc/resolf.conf, because, I didn't
> > > had DNS.
> >
> > Didn't 'usepeerdns' help?
> 
> What is this? 

man pppd
/usepeerdns
...
       usepeerdns
              Ask the peer for up to 2 DNS server addresses.  The  addresses
              supplied by the peer (if any) are passed to the /etc/ppp/ip-up
              script in the environment variables DNS1 and DNS2.   In  addi­
              tion, pppd will create an /etc/ppp/resolv.conf file containing
              one or two nameserver lines with the address(es)  supplied  by
              the peer.
...


> >
> > > I think that is a nighmare to conf kppp in debian.
> >
> > Once upon a time it was easier :(
> 
> Tell me why???

The only thing one had to change was to set 'noauth' option.

> Well, I think that we have to do something to  resolve it. 

Next I would do if I had time ;) is to check in the source how kppp
passes the password to pppd.  That's the point where it goes wrong.

Achim
> 
> Leo
> 
> 
> 
> -- 
> Linux User 152692 
> Catalonia
>

Reply via email to