In both RH 6.2 and RH 7.0 kppp works as a normal user if you call it as
/sbin/kppp and it is chmod u+s and owned by root. Also pppd must be SUID root.
On Thu, Mar 29, 2001 at 12:21:06AM -0500, Bill wrote:
> Hello list. . .
>
> I'm trying to set up pam so it will allows ordinary users to start kppp. I
> believe I have the permissions on /sbin/kppp set up properly, but the first
> time I start pam in a particular X session I have to start it out of an xterm
> as root. After that I can start if from the menu (which goes through
> consolehelper and userhelper--I changed the user in
> /etc/security/console.apps/kpp to <user>), but I do get a prompt fer the
> user's password. In fact I get that prompt the first time I try to start
> kpp from the menu in an X session, but it doesn't work unless I have
> previously started the thing from a root xterm. Here is my /etc/pam.d/kppp file:
>
> #%PAM-1.0
> auth sufficient /lib/security/pam_rootok.so
> auth required /lib/security/pam_pwdb.so
> session optional /lib/security/pam_permit.so
> account required /lib/security/pam_permit.so
>
> I had been using /lib/security/xauth.so for the optional session check, but
> changed it tonight to see what effect that would have. What I really want is
> for users to be able to just click on kppp from the kde or gnome menus and
> start the %$^$% thing! After all I don't want to give guest users root
> access! Could I be missing some other permissions somewhere? Any suggestions?
>
> Thanks!
>
> Bill
>
>
>
> _______________________________________________
> Pam-list mailing list
> Pam-listredhat.com
> https://listman.redhat.com/mailman/listinfo/pam-list

-- 
-------------------------------------------
Aaron Konstam
Computer Science
Trinity University
715 Stadium Dr.
San Antonio, TX 78212-7200
telephone: (210)-999-7484
email:akonstamtrinity.edu
_______________________________________________
Pam-list mailing list
Pam-listredhat.com
https://listman.redhat.com/mailman/listinfo/pam-list

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]