[plug] Just started with linux, need help

[Christian]

Ari Finander wrote:
> 
> Christian,
> 
>      Tried your advice and edited the fstab file as root...now the system
> will let me access the 'usermount' GUI but it still says that mounting of
> devices is restricted to superuser.  For those of you tuning into this late,
> my goal is to be able to get regular users to be able to access floppy,
> cdrom, and cdrive.

The "usermount" GUI is not something I'm familiar with - you'll have to
ask a Red Hat user (assuming you are using Red Hat).  By adding the
lines that I gave into /etc/fstab that allows you to mount (using the
'mount' command) the appropriate device.  For example, if you set the
default mount point for your CDROM to be /cdrom then typing:
	mount /cdrom
would mount your CDROM at the /cdrom point of your filesystem.  You can
then type: 'cd /cdrom;ls' etc. etc. to view the contents.  If you can do
this as a normal (non-root) user then your system is set up correctly -
the other GUI things *should* work automatically (if the author did
things in an obvious and rational way - you never can be sure...) but
they may need some additional setting up.

>      For the internet, when I try and use the kppp program (it's the only
> one I know of) to access using my user account, it gives me this error box:
> 
> "pppd is not properly installed!
> 
> The ppd binary must be installed with the SUID bit set.  Contact your system
> administrator."

If you need to make your pppd binary setuid then you can do this by
typing:
	chmod u+s /usr/sbin/pppd
You should then check the permissions on it, for example:
daisy:~$ ls -l /usr/sbin/pppd
-rwsr-xr--   1 root     dip        105884 Jun 19  1998 /usr/sbin/pppd

My pppd (default Debian install) is setuid to root (ie, will run with
root privileges regardless of which user starts it) but only root and
users in the 'dip' group have permission to run it.  If all this seems
bizarre and confusing, I STRONGLY suggest you either get a Linux book
(or, if you already have one, read it!) particularly the section on
files and permissions. Alternately, the chmod manual page should help...
('man chmod').

Of course, setting a program setuid has important security issues that
every Linux user should *basically* be aware of - Matt recently
mentioned these in a similar situation.  For example, if you make a
program setuid to root then if a non-root user can get it to do
something it was not originally designed to do then they can do this
with all the power of root and probably get root privileges themselves.

> Any tips on how to get this running right?  I'm at a loss.  I'm still not
> clear at what the list of terms means from christian's previous email (see
> below): user,async,noauto,exec,nosuid.

user = normal users can mount it.
async = asynchronous IO
noauto = not automatically mounted on boot.
exec = normal users can execute programs on this filesystem.
nosuid = ignore any setuid bits found in binaries on this filesystem.

All these details are discussed in the mount(8) manual page.  Read 'man
mount'.

>     Something that I either read or was written in one of these emails is to
> put users into a group and give that group internet proveledges.  How is
> this done?

Hmmm... I suggest you read a book.  It's not hard but it's better that
you know what you're doing if you try to do this.

>     Finally, anyone stampeding to get the McAfee for linux/unix?  :-)

No.  You really only need this if you're running a Windows file server
on your Linux box.  Linux itself is mostly immune to viruses.

> Again, thanks for your help,

Not a problem. :)  Next time you reply, please try and delete the parts
of the message that you're replying which aren't relevant. (Possibly the
whole lot).  It cuts down the bandwidth used plus the size of everyone's
mailbox and takes minimal effort on the sender's part.

Regards,

Christian.

-- 
Experience is something you don't get until just after you need it.