[gentoo-dev] DNS not working except as root

[gentoo-dev] DNS not working except as root

[Collins Richey]

Unfortunately you don't have enough doc anywhere for me to puzzle
this out on my own.  I can find no logs with errors related to this.

A normal user is denied access to DNS requests, which means that you
can only gain internet access with specific ip addresses.

Where are the controls for permitting DNS requests?

This is a repeat, but this should be really basic.

Thanks,
Collins Richey
Denver area

Re: [gentoo-dev] DNS not working except as root

[Daniel Robbins]

On Fri, May 11, 2001 at 08:50:02PM -0600, Collins Richey wrote:
> Unfortunately you don't have enough doc anywhere for me to puzzle
> this out on my own.  I can find no logs with errors related to this.
> 
> A normal user is denied access to DNS requests, which means that you
> can only gain internet access with specific ip addresses.
> 
> Where are the controls for permitting DNS requests?
> 
> This is a repeat, but this should be really basic.

Well, DNS requests are normally done with the gethostbyname() or gethostbyname_r()
syscall; maybe you could write a simple test program or strace a basic program like
ping to get some idea of what permission issue is causing the problem?  We have an
strace ebuild in the Portage tree.

Best Regards,

-- 
Daniel Robbins					<drobbins@gentoo.org>
President/CEO					http://www.gentoo.org 
Gentoo Technologies, Inc.			

[gentoo-dev] su not working / email

[Sebastian Werner]

Hello,

i have a really short question... on my gentoo system su don't work for
my normal users. I have add them to the group users.

Thank you for help,

Sebastian

Re: [gentoo-dev] su not working / email

[Justus Pendleton]

On Sat, May 12, 2001 at 07:53:42PM +0200, Sebastian Werner wrote:
> Hello,
> 
> i have a really short question... on my gentoo system su don't work for
> my normal users. I have add them to the group users.
> 
> Thank you for help,

Have you looked in the FAQ?

Justus

Re: [gentoo-dev] DNS not working except as root

[Achim Gottinger]

Collins Richey wrote:
> 
> Unfortunately you don't have enough doc anywhere for me to puzzle
> this out on my own.  I can find no logs with errors related to this.
> 
> A normal user is denied access to DNS requests, which means that you
> can only gain internet access with specific ip addresses.
> 
> Where are the controls for permitting DNS requests?
> 
> This is a repeat, but this should be really basic.
> 

hrm, give /tmp a sticky bit, that fixed various problems I had here as a
normal user.

bye achim~

> Thanks,
> Collins Richey
> Denver area
> 
> _______________________________________________
> gentoo-dev mailing list
> gentoo-dev@gentoo.org
> http://www.gentoo.org/mailman/listinfo/gentoo-dev

Re: [gentoo-dev] DNS not working except as root

[Collins Richey]

On Sat, 12 May 2001 12:41:15 +0200 AGottinger@t-online.de (Achim
Gottinger) wrote:

> Collins Richey wrote:
> > 

> > A normal user is denied access to DNS requests, which means
> that you can only gain internet access with specific ip
addresses.
> > 
> > Where are the controls for permitting DNS requests?
> > 

> hrm, give /tmp a sticky bit, that fixed various problems I had
> here as a normal user.
> 

/tmp was already 1777, but your second post fixed most of the
problem, ie /etc/resolv.conf was 600 now 644.

Now I can browse with konqueror using names instead of ip
addresses.

I still have one minor problem that I have seen before.  Some
distros have the problem, some don't.  I still can't use the
name for my mail server under sylpheed, just the ip address.  On
my Sybil (Caldera 3.1 Beta) distro, this works, but
/etc/resolv.conf, etc., looks pretty much the same.

This isn't a biggie.  I've never figured it out.

Thanks,
---
Collins Richey 
Denver area
gentoo system

Re: [gentoo-dev] DNS not working except as root

[Achim Gottinger]

Collins Richey wrote:
> 
> On Sat, 12 May 2001 12:41:15 +0200 AGottinger@t-online.de (Achim
> Gottinger) wrote:
> 
> > Collins Richey wrote:
> > >
> 
> > > A normal user is denied access to DNS requests, which means
> > that you can only gain internet access with specific ip
> addresses.
> > >
> > > Where are the controls for permitting DNS requests?
> > >
> 
> > hrm, give /tmp a sticky bit, that fixed various problems I had
> > here as a normal user.
> >
> 
> /tmp was already 1777, 
You should also set the sticky bit (chmod +t /tmp). I had a problem with
netscape here. 
Netscape created a file called /tmp/ndebug as root. As I tried to start
netscape as a 
normal user it segfaulted. I added the sticky bit and now all files
created in /tmp are 
owned by root automatic, so normal users can overwrite such files
without problems.
Before that fix I could not start gnome a s a normal user (the file that
caused the problem was /tmp/languages in this case)
After the fix it worked.

but your second post fixed most of the
> problem, ie /etc/resolv.conf was 600 now 644.
> 
> Now I can browse with konqueror using names instead of ip
> addresses.
> 
> I still have one minor problem that I have seen before.  Some
> distros have the problem, some don't.  I still can't use the
> name for my mail server under sylpheed, just the ip address.  On
> my Sybil (Caldera 3.1 Beta) distro, this works, but
> /etc/resolv.conf, etc., looks pretty much the same.

did you assign your hostname to 127.0.0.1 in /etc/hosts or to your real
IP adress?
(just a suggestion). I will make a package for sylpheed so I can try
that here.

bye achim~

> 
> This isn't a biggie.  I've never figured it out.
> 
> Thanks,
> ---
> Collins Richey
> Denver area
> gentoo system
> 
> _______________________________________________
> gentoo-dev mailing list
> gentoo-dev@gentoo.org
> http://www.gentoo.org/mailman/listinfo/gentoo-dev

Re: [gentoo-dev] DNS not working except as root

[Collins Richey]

[snips ]

On Sat, 12 May 2001 16:32:01 +0200 AGottinger@t-online.de (Achim
Gottinger) wrote:

> Collins Richey wrote:
> > 
> > On Sat, 12 May 2001 12:41:15 +0200 AGottinger@t-online.de
> (Achim
> > Gottinger) wrote:
> > 
> > > Collins Richey wrote:
> > > >
> > 
> > > > A normal user is denied access to DNS requests, which
> > > > means that you can only gain internet access with
specific
> > >  ip addresses.
> > > >

> > /tmp was already 1777, 
> You should also set the sticky bit (chmod +t /tmp). I had a
> problem with
> netscape here. 
> I added the sticky bit and now all
> files created in /tmp are owned by root automatic, so normal
users
>  can overwrite such  files without problems.  Before that fix
I could 
> not start gnome a s a normal user 
> 

ok, I misread your post, have set the sticky bit.

> but your second post fixed most of the problem, ie 
> /etc/resolv.conf was 600 now 644. Now I can browse with 
> konqueror using names instead of ip addresses.
> > 
> > I still have one minor problem that I have seen before. 
> > Some distros have the problem, some don't.  I still can't 
> > use the name for my mail server under sylpheed, just the ip 
> > address.

> 
> did you assign your hostname to 127.0.0.1 in /etc/hosts or to
> your real IP adress?  (just a suggestion). I will make a
package 
> for sylpheed so I  can try that here.
> 

My hosts file has my local lan ip address for my hostname


-- 
Collins Ridhey
Denver area
gentoo system

Re: [gentoo-dev] DNS not working except as root

[Achim Gottinger]

Collins Richey wrote:
> 
> Unfortunately you don't have enough doc anywhere for me to puzzle
> this out on my own.  I can find no logs with errors related to this.
> 
> A normal user is denied access to DNS requests, which means that you
> can only gain internet access with specific ip addresses.
> 
> Where are the controls for permitting DNS requests?
> 
> This is a repeat, but this should be really basic.

Collins, this is the final fix I think, after I did a full build test
here I had exactly the same problems you had.
DNS did not work here because my /etc/resolv.conf file had a 600
permission. I changed that to 644 and then it worked.
I hope this solution works for you too.

bye achim~

> 
> Thanks,
> Collins Richey
> Denver area
> 
> _______________________________________________
> gentoo-dev mailing list
> gentoo-dev@gentoo.org
> http://www.gentoo.org/mailman/listinfo/gentoo-dev