Re: kppp fails authentication for normal user
On Thu, Mar 13, 2003 at 08:58:12PM +0100, Leopold Palomo Avellaneda wrote:
> A Dimarts 11 Març 2003 20:39, Achim Bohnet va escriure:
> > FWIW: I installed kppp on a host running KDE 2.2.2 and there kppp is
> > setuid root and setgid dip
> > chandra(0) ~ # l /usr/bin/kppp
> > -rwsr-xr-- 1 root dip 447528 Jan 6 16:12 /usr/bin/kppp
> > chandra(0) ~ # dpkg -l kppp | tail -1
> > ii kppp 2.2.2-14.6 PPP dialer for KDE
> > chandra(0) ~ #
> > On 3.1 it's only setgid dip
> > lapmara ~ # l /usr/bin/kppp
> > -rwxr-sr-- 1 root dip 416648 Jan 19 17:43 /usr/bin/kppp
> > lapmara ~ # dpkg -l kppp | tail -1
> > ii kppp 3.1.0-0woody2 KDE dialer and frontend to pppd
> > I have no analog modem at hand now to test if this fixes the problem.
> IFAI no. I had a lot of problems. I had to do both approaches.
> > > I had two approaches:
> > >
> > > 1) Copy the user/passwd to chap/pap-secrets. (Achim idea)
> > >
> > > 2) Add the user to the dip and adm group. Kppp need to read
> > > /var/log/messages (Ralf pointed)
> > I added to /etc/syslog.conf
> > local2.* -/var/log/syslog.ppp
> > chgrp dip /var/log/syslog.ppp
> > Strange is: now all files are group adm again. Maybe one has to tweek
> > syslog a bit more so group dip is also used for new files.
> > But having acces to pppd messages in /var/log is not really necessary.
> > It's just nice to get a grep ppd with a single click ;)
> > > Finally it works for me, but manually I had to add the resolv.conf
> > > parameters of the connexion to the /etc/resolf.conf, because, I didn't
> > > had DNS.
> > Didn't 'usepeerdns' help?
> What is this?
Ask the peer for up to 2 DNS server addresses. The addresses
supplied by the peer (if any) are passed to the /etc/ppp/ip-up
script in the environment variables DNS1 and DNS2. In addi
tion, pppd will create an /etc/ppp/resolv.conf file containing
one or two nameserver lines with the address(es) supplied by
> > > I think that is a nighmare to conf kppp in debian.
> > Once upon a time it was easier :(
> Tell me why???
The only thing one had to change was to set 'noauth' option.
> Well, I think that we have to do something to resolve it.
Next I would do if I had time ;) is to check in the source how kppp
passes the password to pppd. That's the point where it goes wrong.
> Linux User 152692