Re: Changing priveliges for a user account


Subject: Re: Changing priveliges for a user account
From: Patrick Callahan (pac1@tiac.net)
Date: Thu May 24 2001 - 13:04:53 MDT


>On Thursday 24 May 2001 11:15, you wrote:

> I haven't had any luck with kPPP I use Red Hat PPP Dialer and it doesn't
> even ask for a root password.

Security, permissions and pam are kind of a black art for most of us.
There's probably some reading I need to do to answer the following questions:

#0 How does pam work in general? What kinds of processes can pam control?
What other access control methods are there? Can or must these other methods
be used used in conjunction with pam? What happens if I ignore pam?

#1 What if any is the relationship between pppd, kppp and pam? I started
kppp from the pac1 account. When kppp runs there are three processes labeled
kppp and one pppd all running as root. What are each of these for? How did
pam get involved and where are the configuration entries and rc files that
allowed this to happen. What happens when the link goes dead? How come kppp
still thinks there's a connection?

root 526 0.0 1.0 5800 2792 pts/1 S 07:24 0:00 kppp
root 528 0.0 3.5 19964 9024 pts/1 S 07:24 0:01 kppp
root 529 0.0 2.2 19320 5824 ? S 07:24 0:00 kppp
root 534 0.0 0.4 2240 1060 ttyS0 S 07:24 0:00 pppd 57600 -detac

#2 What does RedHat Dialer do? How does it run pppd? Must pppd run as root?
What does ps -aux |grep ppp get you when running the RedHat Dialer?

#3 What does WVdial Dialer do? How does it run pppd? Must pppd run as root?
What does ps -aux |grep ppp get you when running the Wvdial Dialer?

#4 What are other ways to establish a dialup internet connnection? Can you
configure and run pppd without a dialer?

#5 What does the LinuxDoc ppp howto say about all this? Does it mention
specific dialer programs or is it generic. Does it get into permissions?
(Like I said, I have to do some reading...)

-Pat Callahan



This archive was generated by hypermail 2a24 : Thu May 24 2001 - 12:09:13 MDT