From shalunov@att.net Mon Apr 19 19:59:42 1999
Return-Path: <shalunov@att.net>
Received: from mtiwmhc06.worldnet.att.net (mtiwmhc06.worldnet.att.net [204.127.131.41])
	by hub.freebsd.org (Postfix) with ESMTP id 065BA156BF
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 19 Apr 1999 19:59:39 -0700 (PDT)
	(envelope-from shalunov@att.net)
Received: from sharik.worldnet.att.net ([12.68.38.208])
          by mtiwmhc06.worldnet.att.net (InterMail v03.02.07 118 124)
          with ESMTP id <19990420025709.CIIK14067@sharik.worldnet.att.net>;
          Tue, 20 Apr 1999 02:57:09 +0000
Received: (from shalunov@localhost)
	by sharik.worldnet.att.net (8.9.2/8.9.2) id XAA00794;
	Mon, 19 Apr 1999 23:06:15 -0400 (EDT)
	(envelope-from shalunov)
Message-Id: <199904200306.XAA00794@sharik.worldnet.att.net>
Date: Mon, 19 Apr 1999 23:06:15 -0400 (EDT)
From: stanislav shalunov <shalunov@att.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc: tony-o@iij.ad.jp, amurai@spec.co.jp
Subject: ppp(8) allows mortals to start but not to kill it
X-Send-Pr-Version: 3.2

>Number:         11227
>Category:       misc
>Synopsis:       ppp(8) allows mortals to start but not to kill it
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Apr 19 20:00:00 PDT 1999
>Closed-Date:    Sun Apr 25 03:23:37 PDT 1999
>Last-Modified:  Sun Apr 25 03:24:01 PDT 1999
>Originator:     stanislav shalunov
>Release:        FreeBSD 3.1-RELEASE i386
>Organization:
disorganized
>Environment:

Using user-mode PPP, don't want to give root to my wife. :-)

>Description:

ppp(8) is 4550/root/network and supports ``allow users'' clause, so
it's convenient to give access to non-root users.  However, I don't
see any easy way for them to stop the PPP daemon (e.g., to change -auto
to -ddial or just abort -ddial).

It looks like control socket might be useful for this purpose, but I start
ppp -auto when system boots up as root so it might be dangerous...
It's way too complicated anyway: a shell command is desired.

>How-To-Repeat:
>Fix:
	
Well, here's how I solved my problem.  I thought others might benefit from
this or similar approach as well.

# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	pppstop
#	pppstop/Makefile
#	pppstop/pppstop.c
#
echo c - pppstop
mkdir -p pppstop > /dev/null 2>&1
echo x - pppstop/Makefile
sed 's/^X//' >pppstop/Makefile << 'END-of-pppstop/Makefile'
X# pppstop -- kill running ppp daemon.  See pppstop.c for detail.
X# Written by Stanislav Shalunov
X
XBINDIR=/usr/local/sbin
XCFLAGS+=-O6 -s -Wall -pedantic -W
X
Xpppstop:	pppstop.c
X	${CC} -o pppstop ${CFLAGS} pppstop.c
X
Xinstall:	pppstop
X	[ -d ${BINDIR} ] || install -d -o root -g wheel ${BINDIR}
X	install -c -s -o root -g network -m 4550 pppstop ${BINDIR}/pppstop
X
Xclean:
X	-rm -f pppstop a.out *~ *.o *.a \#* ktrace.out *.core core
END-of-pppstop/Makefile
echo x - pppstop/pppstop.c
sed 's/^X//' >pppstop/pppstop.c << 'END-of-pppstop/pppstop.c'
X/* pppstop -- kill running ppp daemon
X
X   Written by Stanislav Shalunov.  FreeBSD license applies.
X
X   You may need to change PID_FILE definition below depending on how
X   many PPP connections you have, but if you have more than one you
X   should probably be using something more elaborate.
X
X   This program is really slim and safe to be install setuid root.
X   You should install it as group network and only allow execution
X   by owner and group:  chmod 4550 pppstop.  Makefile will do this for
X   you. */
X
X#include <stdio.h>
X#include <stdlib.h>
X#include <fcntl.h>
X#include <unistd.h>
X#include <signal.h>
X#include <sys/errno.h>
X#include <limits.h>
X
X#define PID_FILE "/var/run/tun0.pid"
X
Xint
Xmain(argc, argv)
X	int argc;
X	char *argv[];
X{
X	int fd, bytes, ppp_pid;
X	char buf[16];
X
X	if (argc != 1) {
X		fprintf(stderr, "Usage: pppstop\n");
X		exit(1);
X	}
X	fd = open(PID_FILE, O_RDONLY);
X	if (fd == -1) {
X		perror(PID_FILE);
X		exit(1);
X	}
X	bytes = read(fd, buf, sizeof buf - 1);
X	if (bytes == -1) {
X		perror(PID_FILE);
X		exit(1);
X	}
X	buf[bytes] = '\0';
X	/* This can never hurt. */
X	buf[(sizeof buf) - 1] = '\0';
X	ppp_pid = atoi(buf);
X	/* See strtol(3) for explanation of LONG_M{IN,AX} and ERANGE.
X	   The following condition is redundant--I'm a paranoid maniac. */
X	if ((ppp_pid == 0) || (ppp_pid == LONG_MIN) || (ppp_pid == LONG_MAX)
X	    || (errno == ERANGE)) {
X		fprintf(stderr, "pppstop: bad PID value %d\n", ppp_pid);
X		exit(1);
X	}
X	if (kill(ppp_pid, SIGTERM) == -1) {
X		perror("kill");
X		exit(1);
X	}
X	/* Give it some time to disconnect. */
X	sleep(1);
X	if (kill(ppp_pid, 0) == -1) {
X		/* It's fast dead. */
X		exit(0);
X	}
X	kill(ppp_pid, SIGHUP);
X	sleep(2);
X	/* If all *that* didn't help SIGKILL is probably required anyway.
X	   A manual cleanup of the default route will probably be required
X	   (if ``add default HISADDR'' was used). */
X	kill(ppp_pid, SIGKILL);
X	exit(0);
X}
END-of-pppstop/pppstop.c
exit

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: brian 
State-Changed-When: Sun Apr 25 03:23:37 PDT 1999 
State-Changed-Why:  
Pppctl was written to deal with this sort of thing. 
>Unformatted:
