Bug 20258
| Summary: | Making user-PPP start as an arbitrary user instead of root | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Base System | Reporter: | Antoine <Antoine> | ||||||||
| Component: | conf | Assignee: | Brian Somers <brian> | ||||||||
| Status: | Closed FIXED | ||||||||||
| Severity: | Affects Only Me | ||||||||||
| Priority: | Normal | ||||||||||
| Version: | 4.0-RELEASE | ||||||||||
| Hardware: | Any | ||||||||||
| OS: | Any | ||||||||||
| Attachments: |
|
||||||||||
On Fri, 28 Jul 2000 12:23:49 -0400, Antoine@chemcomp.com wrote:, Beaupre@chemcomp.com wrote: > + ppp_user="NO" # Which user to start PPP with (or NO) I think that it would make more sense to default this value to "root", and to use this value unconditionally. Ciao, Sheldon. Responsible Changed From-To: freebsd-bugs->brian Over to the PPP maintainer. Sheldon Hearn wrote:
>
> On Fri, 28 Jul 2000 12:23:49 -0400, Antoine@chemcomp.com wrote:,
> Beaupre@chemcomp.com wrote:
>
> > + ppp_user="NO" # Which user to start PPP with (or NO)
>
> I think that it would make more sense to default this value to "root",
> and to use this value unconditionally.
Yep. This makes an awful lot of sense.
So here we go again:
New Fix:
*** /etc/defaults/rc.conf.orig Fri Jul 14 10:54:54 2000
--- /etc/defaults/rc.conf Fri Jul 14 10:56:19 2000
***************
*** 77,82 ****
--- 77,83 ----
# For details see man page for ppp(8). Default
is au
ppp_nat="YES" # Use PPP's internal network address translation
or
ppp_profile="papchap" # Which profile to use from /etc/ppp/ppp.conf.
+ ppp_user="root" # Which user to start PPP with
### Network daemon (miscellaneous) & NFS options: ###
syslogd_enable="YES" # Run syslog daemon (or NO).
*** /etc/rc.network.orig Fri Jul 14 10:56:33 2000
--- /etc/rc.network Mon Jul 31 10:31:06 2000
***************
*** 160,167 ****
;;
esac
! echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet
${ppp_profile}
! ;;
esac
# Initialize IP filtering using ipfw
--- 160,176 ----
;;
esac
! ppp_command="ppp ${ppp_command} -quiet ${ppp_profile}"
!
! echo -n 'Starting ppp: '
! case ${ppp_user} in
! root)
! ${ppp_command};
! ;;
! *)
! su ${ppp_user} -c "${ppp_command}";
! ;;
! esac
esac
# Initialize IP filtering using ipfw
The same with the man page...
*** /usr/src/share/man/man5/rc.conf.5 Fri Mar 3 09:04:56 2000
--- /tmp/rc.conf.5 Fri Jul 28 12:20:18 2000
***************
*** 329,334 ****
--- 329,338 ----
.It Ar ppp_profile
(str) The name of the profile to use from
.Ar /etc/ppp/ppp.conf .
+ .It Ar ppp_user
+ (str) The name of the user under which ppp should be started. By
default, ppp is started
as
.Ar root.
.It Ar rc_conf_files
(str) This option is used to specify a list of files that will
override
the settings in
That's better... BTW, I don't know very much about GNATS protocols.
Should I've send another PR instead of "patching" this one? :)
Antoine Beaupre
System Administrator
Chemical Computing Group, Inc.
State Changed From-To: open->closed I've committed the functionality to -current and will MFC in 1 week assuming no problems. |
User PPP is started as the root user from rc.network. I added a variable to make it start as an arbitrary user. Fix: Create a "ppp_user" variable which is the user under which ppp should run. If set to "NO", no su(1) is performed, otherwise, instead of just calling: ppp ${ppp_command} -quiet ${ppp_profile} it is called as su -c "user" '${ppp_command}' The meaning of ${ppp_command} is obviously changed, but it should not interfere with anything else. How-To-Repeat: Arg, the heck with it, here's the patch