Sorry to take so long to get back to this. . . But--presumably there is a good security reason why the consolehelper goes through pam, right? And isn't there a way to persuade pam to let ordinary users start kppp? Thanks fer any advice! Bill On Thu, 29 Mar 2001, you wrote: > In both RH 6.2 and RH 7.0 kppp works as a normal user if you call it as > /sbin/kppp and it is chmod u+s and owned by root. Also pppd must be SUID root. > On Thu, Mar 29, 2001 at 12:21:06AM -0500, Bill wrote: > > Hello list. . . > > > > I'm trying to set up pam so it will allows ordinary users to start kppp. I > > believe I have the permissions on /sbin/kppp set up properly, but the first > > time I start pam in a particular X session I have to start it out of an xterm > > as root. After that I can start if from the menu (which goes through > > consolehelper and userhelper--I changed the user in > > /etc/security/console.apps/kpp to <user>), but I do get a prompt fer the > > user's password. In fact I get that prompt the first time I try to start > > kpp from the menu in an X session, but it doesn't work unless I have > > previously started the thing from a root xterm. Here is my /etc/pam.d/kppp file: > > > > #%PAM-1.0 > > auth sufficient /lib/security/pam_rootok.so > > auth required /lib/security/pam_pwdb.so > > session optional /lib/security/pam_permit.so > > account required /lib/security/pam_permit.so > > > > I had been using /lib/security/xauth.so for the optional session check, but > > changed it tonight to see what effect that would have. What I really want is > > for users to be able to just click on kppp from the kde or gnome menus and > > start the %$^$% thing! After all I don't want to give guest users root > > access! Could I be missing some other permissions somewhere? Any suggestions? > > > > Thanks! > > > > Bill > > > > > > > > _______________________________________________ > > > > Pam-list@redhat.com > > https://listman.redhat.com/mailman/listinfo/pam-list > > -- > ------------------------------------------- > Aaron Konstam > Computer Science > Trinity University > 715 Stadium Dr. > San Antonio, TX 78212-7200 > > telephone: (210)-999-7484 > email:akonstam@trinity.edu > > > > _______________________________________________ > > Pam-list@redhat.com > https://listman.redhat.com/mailman/listinfo/pam-list
