PPP Configuration Problems!
mark at dogma.freebsd-uk.eu.org
Tue Aug 31 22:03:24 BST 1999
On Tue, Aug 31, 1999 at 09:18:14PM +0100, Brian Somers wrote:
> Sorry, I was away :-]
> You can ``allow users *'' if you wanna let everyone in.
I wasn't sure about ``*'', couldn't find it in the manpage (I've
found now though).
> WRT the Operation not permitted bit, is ppp installed properly ?
> This error would result if ppp tried to open the tun device as a
> normal user :-/ Is there anything ``manual'' being done when
> installing ppp ?
Hmm, I'd be interested in the outcome of this. I sort of worked
out that it was when trying to open tun0, but I couldn't reproduce
it on my system no matter how much I changed. I got this if I
removed the setuid bit on /usr/sbin/ppp:
Working in interactive mode
Warning: No available tunnel devices found (Permission denied).
Warning: bundle_Create: No such file or directory
not *quite* the same error ("Permission denied" rather than "Operation
> > On Sun, Aug 29, 1999 at 06:43:09PM +0100, Andrew Boothman wrote:
> > > On 28-Aug-99 Mark Ovens wrote:
> > >
> > > >> Even with "allow users" in the default section or in an ISP
> > > >> section, even though it runs fine as root.
> > > >>
> > > >> If I allow access to a spacific user, using "allow user
> > > >> andrew" I get :
> > > >
> > > > That's correct. You need to specify the usernames, it's not a
> > > > global thing, i.e. allow *these* users, not allow *all* users.
> > >
> > > Are you sure? I'm sure (although I can't find it now) that the
> > > man page says that you can allow access for all users.
> > >
> > Yes, I read the man page but I think it is mis-leading. The handbook states:
> > 184.108.40.206.2. PPP permissions
> > ppp must normally be run as user id 0. If however you wish
> > to allow ppp to run in server mode as a normal user by
> > executing ppp as described below, that user must be given
> > permission to run ppp by adding them to the network group
> > in /etc/group.
> > You will also need to give them access to one or more
> > sections of the configuration file using the allow command:
> > allow users fred mary
> > If this command is used in the default section, it gives
> > the specified users access to everything.
> > ISTR that when I wanted to run ppp as a non-root user I did the
> > same as you (``allow users'') and it didn't work. I asked in
> > -questions and I;m sure it was Brian Somers who told me you have
> > to list the usernames. I guess you can allow *all* users, as long
> > as you list *all* their names ;-)
> > > >> "Warning : No available tunnel devices found (Operation not permitted)
> > > >> Warning : Bundle_create : No such file or directory"
> > > >>
> > > >
> > > > Have you got an instance of pppalready running? By default only
> > > > one tunnel device exists (/dev/tun0) but you need a separate one
> > > > for each instance of ppp.
> > >
> > > No. This is the only PPP running. And /dev/tun0 is present and
> > > everything works when logged in as root.
> > >
> > Hmm. I've just checked the source. The first error is due to the
> > call to IDOopen() in bundle_Create() returning EPERM:
> > 1 EPERM Operation not permitted. An attempt was made to perform
> > an operation limited to processes with appropriate
> > privileges or to the owner of a file or other resources.
> > so it looks like a permissions problem. The second error comes from
> > bundle_Create() returning NULL (due to the first error).
> > I have tried to re-create the problem on my system, by removing a
> > user from various groups in /etc/group, but I can't.
> > I'm using the version of ppp that came on the 3.1 CDs.
> > Hopefully Brian will jump in here and bail me out :-)
> > > ---
> > > Andrew Boothman <andrew at cream.org>
> > > http://sour.cream.org
> > > Unmetered Telecoms. Join the Fight!
> > > http://www.unmetered.org.uk
> > >
> > --
> > STATE-OF-THE-ART: Any computer you can't afford.
> > OBSOLETE: Any computer you own.
> > ________________________________________________________________
> > FreeBSD - The Power To Serve http://www.freebsd.org
> > My Webpage http://ukug.uk.freebsd.org/~mark/
> > mailto:mark at ukug.uk.freebsd.org http://www.radan.com
> Brian <brian at Awfulhak.org> <brian at FreeBSD.org>
> <http://www.Awfulhak.org> <brian at OpenBSD.org>
> Don't _EVER_ lose your sense of humour ! <brian at FreeBSD.org.uk>
STATE-OF-THE-ART: Any computer you can't afford.
OBSOLETE: Any computer you own.
FreeBSD - The Power To Serve http://www.freebsd.org
My Webpage http://ukug.uk.freebsd.org/~mark/
mailto:mark at ukug.uk.freebsd.org http://www.radan.com
More information about the Ukfreebsd