Find the answer to your Linux question:
Results 1 to 3 of 3

Thread: vpnclient suid

Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Newbie pajamabama's Avatar
    Join Date
    Jul 2005
    In another time's forgotten space

    vpnclient suid

    I'm wondering if there's a way to use 'suid' for the Cisco vpnclient. I see discussion on the web regarding versions that had the bit set by default. I'm using v4.8.00 (0490), and when I try to set either the suid or sgid bits I get the following error:

    vpnclient cannot have setuid or setgid permissions.
    Has this been disabled by Cisco as a security issue or something?

    When I run it as user I get:

    Cisco Systems VPN Client Version 4.8.00 (0490)
    Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
    Client Type(s): Linux
    Running on: Linux #1 Thu Feb 2 20:54:26 UTC 2006 i686
    Config file directory: /etc/opt/cisco-vpnclient
    privsep: unable to drop privileges: group set failed.
    The application was unable to communicate with the VPN sub-system.
    HP Pavilion dv6000t
    Intel Centrino Duo 2.0GHz
    nVidia GeForce Go 7400
    Fedora 10

    The real question is what time is it and why the hell am I still screwing around with my computer?

  2. #2
    You should set the suid bit of cvpnd instead of vpnclient:
    # chmod 4111 /opt/cisco-vpnclient/bin/cvpnd

    My Blog:

  3. #3
    I got the same message after installing the client on OpenSUSE 10.2 and trying to start the client. Running 'chmod 4111 /opt/cisco-vpnclient/bin/cvpnd' (as root) resolved the problem. Thanks.

  4. $spacer_open

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts