On Apr 11, 2005 12:03 PM, Kimi Ostro <[EMAIL PROTECTED]> wrote:
> On Apr 11, 2005 2:15 PM, Henning Brauer <[EMAIL PROTECTED]> wrote:
> > * Matt Rowley <[EMAIL PROTECTED]> [2005-04-11 14:05]:
> > > I don't believe it's ever been possible to run pfctl as non-root
> >
> > it is possible and desirable to run pfctl -n as non-root.
> >
> > --
> > Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
> > BS Web Services, http://bsws.de
> > OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
> >
> 
> localhost% ssh -l test remotehost
> Last login: Tues Nov 2 02:52:42 2004 from localhost
> OpenBSD 3.6-stable (GENERIC) #0: Sat Jan 22 14:41:42 GMT 2005
> 
> remotehost$ whoami
> test
> remotehost$ user info test
> login   test
> passwd  *
> uid     1002
> groups  test
> change  NEVER
> class   default
> gecos   &
> dir     /usr/home/test
> shell   /bin/sh
> expire  NEVER
> remotehost$ ls -lf /dev/pf
> cr-------  1 root  wheel   73,   0 Jan 22 14:14 /dev/pf
> remotehost$ whereis pfctl
> /sbin/pfctl
> remotehost$ ls -lf /sbin/pfctl
> -r-xr-xr-x  1 root  bin  383532 Jan 22 14:14 /sbin/pfctl
> remotehost$ pfctl -nf pf.conf

> remotehost$ ls -lf /etc/pf.conf
> -rw-------  1 root  wheel  4015 Apr 11 02:46 /etc/pf.conf
> remotehost$ pfctl -nf /etc/pf.conf
> pfctl: /etc/pf.conf: Permission denied
> remotehost$

The file permissions on /etc/pf.conf are 600, owned by root, so unless
you're root (or using sudo), you won't be able to access that file
anyways.

For the command just above your ls, 'pfctl -nf pf.conf' what is your pwd?

> 
> That's without sudo?
> 
> --
> spamassassinexception
>

Reply via email to