# can't use internet as normal user

## meka

Everything is working but I just can't ... well topic says it all. I don't know what is the real reason, but I suspect on new ppp. Any ideas?

----------

## casper

define you cant use internet....you can't browse, you can't ping anything..?

give us a little bit more details, like what type connection (ppp i presume from what I saw in your previous post), if it worked before, if your modem is detected ....   :Rolling Eyes: 

----------

## goghs

I can confirm this. 

I have the same problem after I emerged latest ppp (2.4.2 beta 3 r 1 ebuild, I think). Only root can access the internet. 

WHO can help us? It's really annoying and painful.

----------

## d-iZe

I haven't used a modem ever in linux but i used it alot on the old amiga days.

I just had a quick look in /etc/group and saw this

dialout::20:root

could it be that you must add you user to that group to be able to use ppp to dialout?

It should in that case look like this

dialout::20:root,youruser

hope this helps.

----------

## goghs

No. The problem is not if normal user can dial out. In fact we need not dialout as normal user.

The normal situation is

login Gentoo as normal user

su

adsl-start

browse or check email as normal user

But now the situation is abnormal as

login Gentoo as normal user

su

adsl-start

can not browse or check email as normal user

can browse or check email (in fact any internet activity)

----------

## lpetersen

Hi there,

your problems might be caused by wrong permissions on your resolv.conf file.  As root, issue a 

```
chmod +r /etc/ppp/resolv.conf
```

and see if it works again.

I guess the deeper cause of this problem is a mismatch between the adsl-* scripts from rp-pppoe and the new ip-up script in ppp-2.4.2_beta3-r1, which take different approaches to creating/updating /etc/resolv.conf and setting permissions on it.  I haven't quite figured out a really elegant solution for this.  I hope this helps you out for the moment though...   :Smile: 

Good luck on your mission,

Lars

----------

## goghs

Terrific! You are 100% right!

I am so grateful to you for your solution! It works like a charm.

----------

## meka

I can not belive I forgot that one. And I'm a system administrator for a small network. My God, I was lol so much. Thanx for advice.  :Surprised: )

----------

## lpetersen

Glad to have been able to help.   :Very Happy: 

----------

## Chin Yee

 *Quote:*   

> 
> 
> your problems might be caused by wrong permissions on your resolv.conf file. As root, issue a 
> 
> Code:
> ...

 

This is no solution. Every time you do adsl-start the permission of resolv.conf revert back to -rw-r----- again. Re-pppoe do not need ip-up for it to work. Just delete ip-up from /etc/ppp and everything works again.

----------

## meka

The solution is to edit /etc/ppp/ip-up and change the line 'chmod 640 /etc/resolv.conf' to 'chmod 644 /etc/resolv.conf' or to comment it out.

----------

## lpetersen

I agree, BUT the '640' seems to be there for a reason:

```
...

   # Change perms because it b0rked kppp

        chmod 640 /etc/resolv.conf

        chown root:users /etc/resolv.conf

...
```

and principally, it is ok to disallow access to 'others' if only you allow access to group 'users'. The problem is, if you use 'adsl-start' (from rp-pppoe) instead of '/etc/init.d/net.ppp0 start' (from the ppp ebuild), /etc/ppp/resolv.conf is SYMLINKED to /etc/resolv.conf, whereas the init-script expects it to be a COPY created by ip-up. Thus, the chmod takes effect on /etc/ppp/resolv.conf (since symlinks never take any permissions), whereas the chown affects the symlink /etc/resolv.conf, which, however, doesn't help, since the link target, /etc/ppp/resolv.conf, is 640 root:root and thus cannot be accessed even though the symlink belongs to group 'users'.

Long story short: If permissions other than 640 root:users really 'b0rk' kppp (which I can't confirm or deny), it's better to leave ip-up as is and use /etc/init.d/net.ppp0 start (or rc-update add net.ppp0 default) instead of the adsl-* scripts.

Another possibility to think about might be changing the ip-up script to 

```
...

   # Change perms because it b0rked kppp

        chmod 640 /etc/resolv.conf

        chown root:users /etc/resolv.conf `/bin/readlink /etc/resolv.conf`

...
```

This way, /etc/ppp/resolv.conf gets chown'ed as well if /etc/resolv.conf is a link pointing to it. The 640 permissions should be sufficient then.

----------

## Chin Yee

How do you configure so that net.ppp0 starts the adsl connection?

Thanks

----------

## lpetersen

 *Chin Yee wrote:*   

> How do you configure so that net.ppp0 starts the adsl connection?

 

There is a nice HOWTO in this forum post, which also explains why using net.ppp0 is superior (performance-wise) to using adsl-start/-stop.

Once more: Good luck on your mission!   :Smile: 

----------

