
Re: pppd changes permission to /dev/ttyS1 (my modem)



On Fri, 08 Sep 2000, David Wright wrote:

> Quoting Piotr Krukowiecki (piotr@pingu.ii.uj.edu.pl):
> > On Mon, 04 Sep 2000, David Wright wrote:
> > 
> > > Quoting Mario Olimpio de Menezes (mario@curiango.ipen.br):
> > > > On Mon, 4 Sep 2000, Piotr Krukowiecki wrote:
> > > > > 
> > > > > pppd removes g+w from /dev/ttyS1 after it is started. So next time I have
> > > > > to be root to use my modem (and to connect to internet). How to make pppd
> > > > > stop removing it ? 
> > > > 
> > > > 
> > > > better: add users that need to use modem to dialout group; 
> > > > # adduser user dialout
> > > 
> > > Wrong. That would allow all those users to snoop on each other's
> > > ppp connections, since they get read-access to the modem port.
> > 
> > I'm the only user - it's my home computer so I don't care.
> > 
> > > The correct group is dip.
> > 
> > Wrong again ;)
> > At least with wvdial.
> 
> Fair enough. Next time I'll read your mind. This time, I'll just
> point out that you didn't mention wvdial in your posting.

That's true. I just thought it was only pppd's fault (that it
changes the permission).

> > With pon/poff it's all ok. I don't have to
> > be in group dialout nor have g+w permission on /dev/ttyS1. If
> > /dev/ttyS1 is g+w while starting pppd, pppd removes it and puts
> > back on exit.
> > But if I use wvdial, /dev/ttyS1 has to be group writable:
> > 
> > SeLeR:/home/piotr# l /dev/ttyS1
> > crw-r-----    1 root     dialout    4,  65 wrz  5 22:41 /dev/ttyS1
> > piotr@SeLeR:~/download/5$ wvdial
> > --> WvDial: Internet dialer version 1.41
> > --> Cannot open /dev/ttyS1: Permission denied
> 
> Well that appears to be broken behaviour. Why should your being
> entitled to run wvdial for PPP mean that you should have write-access 
> to all the serial ports?

One more thing:

piotr@SeLeR:~$ wvdial
--> Can't read config file /etc/wvdial.conf: Permission denied

piotr@SeLeR:~$ l /etc/wvdial.conf
-rw-r-----    1 root     dialout       174 sie 20 22:18 /etc/wvdial.conf

So you have to be in dialout group to use wvdial.

> > If it has g+w, wvdial is working ok. It connects to my IP and then
> > starts pppd, and pppd removes +w. But I think it's not ending pppd
> > properly. This is from syslog:
> > 
> > pppd started by pon and ended by poff:
> > Sep  5 23:00:24 SeLeR pppd[938]: Terminating on signal 15.
                                     ^^^^^^^^^^^^^^^^^^^^^^^^^
> > Sep  5 23:00:24 SeLeR pppd[938]: sent [LCP TermReq id=0x2 "User request"]
> > Sep  5 23:00:25 SeLeR pppd[938]: Script /etc/ppp/ip-up finished (pid 940), stat$
> > Sep  5 23:00:25 SeLeR pppd[938]: Script /etc/ppp/ip-down started (pid 970)
> > Sep  5 23:00:26 SeLeR pppd[938]: Script /etc/ppp/ip-down finished (pid 970), st$
> > Sep  5 23:00:27 SeLeR pppd[938]: sent [LCP TermReq id=0x3 "User request"]
> > Sep  5 23:00:30 SeLeR pppd[938]: sent [LCP TermReq id=0x4 "User request"]
> > Sep  5 23:00:33 SeLeR pppd[938]: sent [LCP TermReq id=0x5 "User request"]
> > Sep  5 23:00:36 SeLeR pppd[938]: sent [LCP TermReq id=0x6 "User request"]
> > Sep  5 23:00:39 SeLeR pppd[938]: Hangup (SIGHUP)
> > Sep  5 23:00:39 SeLeR pppd[938]: Modem hangup
> > Sep  5 23:00:39 SeLeR pppd[938]: Connection terminated.
> > Sep  5 23:00:39 SeLeR pppd[938]: Connect time 0.1 minutes.
> > Sep  5 23:00:39 SeLeR pppd[938]: Sent 97 bytes, received 76 bytes.
> > Sep  5 23:00:40 SeLeR pppd[938]: Exit.
> > 
> > pppd started by wvdial (and ended by ^c as said in README for wvdial):
> > Sep  5 23:05:41 SeLeR pppd[994]: Terminating on signal 15.
> > 
> > And wvdial shows sth. like this:
> > Caught signal #2!  Attempting to exit gracefully...
> > --> Disconnecting at Tue Sep  5 23:05:43 2000
> > 
> > So is it bug in wvdial or in pppd ?
> > wvdial has bug (#33590) - there is mentioned my problem but the bug 
> > is in resolved (maybe it's because the main problem in #33590 was 
> > different) 
> 
> Well, that may depend on how wvdial stops pppd. Killing pppd with
> SIGTERM seems to restore the port permission, whereas there are/have
> been bugs in pppd where exiting in some other manner (e.g. PAP
> failure) has not restored them. If wvdial used -SIGKILL for example,
> it would be difficult for pppd to do anything about it.

This is from today's connection with wvdial:

Sep  9 00:26:30 SeLeR pppd[1630]: Terminating on signal 15.
                                  ^^^^^^^^^^^^^^^^^^^^^^^^^
Sep  9 00:26:30 SeLeR pppd[1630]: Script /etc/ppp/ip-down started (pid 1651)
Sep  9 00:26:30 SeLeR pppd[1630]: sent [LCP TermReq id=0x2 "User request"]
Sep  9 00:26:30 SeLeR pppd[1630]: Script /etc/ppp/ip-down finished (pid 1651), status = 0x0

As you see (it was in the previous mail too, but without the debug option on),
pppd is in both cases ended with SIGTERM, but with wvdial pppd ends in
a different way. I don't know why.

> A workaround may be a sudo'd script that checks whether pppd is running
> and restores the permission if it isn't.
> 
> I'd be very unhappy if pppd didn't g-w the serial port it uses. Oh, and
> BTW, Debian has to be built for people who *do* care, 

Why's that? Is Debian meant only for servers?
Besides, I said I'm the only user. I don't have to pay such attention
to security at home. I have a Debian installation for repairing
purposes - no root/user passwords etc. You say that it compromises
security?

> so advice that

That was no advice. It was a statement.

> compromises security is not to be welcomed here and must certainly be
> flagged in case it catches out other people who would then be exposed.

So say how it should be, but don't tell me how I should do it.

> > PS. Don't CC me. I got everything twice.
> 
> Then why have you set Mail-Followup-To: to yourself as well as Debian?

Didn't read the mutt manual carefully. Didn't set the subscribe ... line
after the lists ... line. I'm still learning how to use mutt.
Now it should be ok.


-- 
Piotrek
irc: #Debian.pl
GPG fingerprint: 13ED DF91 6DF9 A440 2D78  F657 3579 2D3D DDBD DEFD
GPG public key : http://pingu.ii.uj.edu.pl/~piotr/public.asc
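
The workaround David Wright suggests in the quoted text (a sudo'd script that checks whether pppd is running and restores the permission if it isn't), as an added example that is not part of the original message. The script name `restore-modem-port`, the use of `pidof` and restoring with `chmod g+w` are assumptions; `/dev/ttyS1` is the port from the thread.

```shell
#!/bin/sh
# Added example: sudo-run helper that gives the modem port its group write
# bit back once pppd is gone. Hypothetical name: restore-modem-port.
# The port is fixed here and never taken from the caller, so a user allowed
# to run this through sudo cannot aim the chmod at another file.
PORT=/dev/ttyS1

# True while any pppd process exists (pidof exits non-zero when none match).
pppd_running() { pidof pppd >/dev/null 2>&1; }

# True only for a real character device, not a symlink to one.
is_port() { [ -c "$1" ] && [ ! -L "$1" ]; }

# The sixth character of the ls mode string is the group write bit.
group_writable() { [ "$(ls -ld "$1" | cut -c6)" = w ]; }

# Returns 0 if the port is group writable afterwards, 1 if pppd is still
# running (its g-w is left in place), 2 if the path is not a usable port,
# 3 if chmod failed.
restore_port_mode() {
    is_port "$1" || return 2
    if pppd_running; then
        return 1
    fi
    group_writable "$1" || chmod g+w "$1" || return 3
    return 0
}

# Act only when invoked under the installed name, so sourcing the file
# has no side effects.
case "${0##*/}" in
    restore-modem-port)
        rc=0
        restore_port_mode "$PORT" || rc=$?
        case $rc in
            0) echo "$PORT: group write restored" ;;
            1) echo "$PORT: pppd is running, left unchanged" ;;
            *) echo "$PORT: not a character device or chmod failed" >&2 ;;
        esac
        exit "$rc"
        ;;
esac
```

Install it owned by root and not writable by the users who run it through sudo.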


