From ArchWiki
Revision as of 10:28, 1 September 2011 by Parameter (talk | contribs) (Using a dialout group: Added a note about the necessity to logout and log back in for the gpasswd)
Jump to: navigation, search

This template has only maintenance purposes. For linking to local translations please use interlanguage links, see Help:i18n#Interlanguage links.

Local languages: Català – Dansk – English – Español – Esperanto – Hrvatski – Indonesia – Italiano – Lietuviškai – Magyar – Nederlands – Norsk Bokmål – Polski – Português – Slovenský – Česky – Ελληνικά – Български – Русский – Српски – Українська – עברית – العربية – ไทย – 日本語 – 正體中文 – 简体中文 – 한국어

External languages (all articles in these languages should be moved to the external wiki): Deutsch – Français – Română – Suomi – Svenska – Tiếng Việt – Türkçe – فارسی

There are a few different ways of giving regular users the ability to use wvdial to dial a ppp connection. This document describes three different ways, each of them differ in difficulty to set up and the implication on security.

This document assumes you have Template:Codeline properly configured.

Using suid

This is arguable the easiest setup but has major impact on system security since it means that every user can run wvdial as root. Please consider using one of the other solutions instead.

As normal users cannot use wvdial to dial a ppp conection by default, change permissions:

chmod u+s /usr/bin/wvdial

You should see the following permissions:

ls -l /usr/bin/wvdial
-rwsr-xr-x  1 root root 114368 2005-12-07 19:21 /usr/bin/wvdial

Using a dialout group

Another, slightly more secure way is to set up a group called dialout (call the group as prefered) and give members of this group permission to run Template:Codeline as root.

First create the group and add the users to it:

# groupadd dialout
# gpasswd -a username dialout

Note: You need to logout and log back in for the current user's group list to be updated.

Then set the group and adjust the permissions on Template:Codeline:

# chgrp dialout /usr/bin/wvdial
# chmod u+s,o= /usr/bin/wvdial

The files should have the following permissions: Template:Command

Using sudo

See main article: sudo

sudo arguably offers the most secure option to allow regular users to establish dial-up connections using Template:Codeline. It can be used to give permission both on a per-user and group basis. Another benefit of using Template:Codeline is that it is only needed to do the setup once; both previous solutions will be "undone" when a new package of Template:Codeline is installed.

Use Template:Codeline to edit the file Template:Filename:

# visudo

To give a specific user permission to run Template:Codeline as root, add the following line (changing the username):

username localhost = /usr/bin/wvdial

To give all members of a group (Template:Codeline in this case) the same permission:

%dialout localhost = /usr/bin/wvdial