Re: Access Problem with pppd

To: debian-user@lists.debian.org
Subject: Re: Access Problem with pppd
From: Stephen Powell <zlinuxman@wowway.com>
Date: Tue, 26 Jan 2010 16:08:10 -0500 (EST)
Message-id: <[🔎] 1194812823.7975381264540090340.JavaMail.root@md01.wow.synacor.com>
In-reply-to: <[🔎] 201001261934.33428.hans.ullrich@loop.de>

On 2010-01-26 at 13:34:33 -0500, Hans-J Ullrich wrote:
> Hi all,
> 
> I am looking for a líttle understanding problem. Maybe someone can advice me.
> 
> On my EEEPC I am running an application called "umtsmon" (this is for gprs-
> access). Umtsmom is a single binary located in /usr/bin.
> 
> When I start it, it is started, and when I want to connect to the internet it 
> starts a modem connection by using pppd.
> 
> This is fine working, when I am starting it as user "root". (I use "sux" to 
> become root from a normal user).
> 
> When I start umtsmon as normal user, pppd is not allowed to be used by this 
> user. This is ok, I want only users in a special group use pppd.
> 
> So far so well, but I dop not understand this: When set the binary 
> with rwsr-x--- (root:dialout), then umtsmon should start with the rights of 
> root and should be also allowed to start pppd! But i does clearly NOT! I get 
> the maesage: pppd is not allowed to start, only root is allowed to start it.
> 
> What do I do wrong? Where do I think wrong?
> 
> BTW: maybe someone wants to adopt umtsmon and create a package.  It is open-
> source / GPL and it is really great tool (This only remarked besides)
> 
> Thank you for any help!

I am having trouble with your English; so I'm not really sure what you are
asking; but once you add a user to a group it does not really have the
privileges of that group until *all* instances of that user have logged
out.  For example, suppose that user "fred" is logged in:

$ groups
fred
$ su
Password: [enter root password]
# adduser fred dialout
Adding user `fred' to group `dialout' ...
Adding user fred to group dialout
Done.
# exit
$ groups
fred

Notice that the groups command still does not list "dialout" as one
of fred's groups.  That's because fred logged in *before* he was
added to the group.  fred must logout and login again before he
actually has the privileges of the dialout group.  And it is not
sufficient for fred to simply logout of that one session.  He
must logout of all sessions simultaneously.  If he started the
X server, that means that the X server must be restarted too.
Issue the "groups" command.  If you don't see dialout as one of
the groups listed, then you didn't logout of *all* of fred's
sessions.  Of course, one way to make sure that all sessions are
eliminated is to reboot the server.  That should do it!

Reply to:

References:
- Access Problem with pppd
  - From: "Hans-J. Ullrich" <hans.ullrich@loop.de>

Prev by Date: Re: how to set permanent ulimit
Next by Date: Re: how to set permanent ulimit
Previous by thread: Re: Access Problem with pppd
Next by thread: Rsyslog template
Index(es):
- Date
- Thread