LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-17-2003, 11:06 PM   #1
jlangelier
Member
 
Registered: Jun 2003
Location: Denver, CO
Distribution: Debian
Posts: 95

Rep: Reputation: 15
Run ipchains as normal user?


I've got a bash script which sets up rules for ipchains. Also runs tcp_syncookies, icmp_ignore_bogus_error_responses, and a couple other root-only programs.

Because the script needs the IP address, it must run after the connection is made. I want to have the script be able to be run by normal users, because normal users will be doing the connecting.

Problem is, normal users can't run ipchains (or /proc/sys/net/ipv4/tcp_syncookies, and a couple of other things which are also in my bash script)

Can suid bash scritps, of course. Don't want to set up all normal users for sudo, unless I can restrict them to just my post-connect ipchains script.

Anyone have a work-around or other advice?

--------------------------------------------------------------------------
PROBLEM SOLVED EDIT FOLLOWS:

I didn't understand that sudo could be configured for specific scripts. I added this to sudoers:

%users ALL=NOPASSWD:/usr/bin/firewall

... then I added this to be executed after connection
/usr/bin/sudo /usr/bin/firewall

I guess I should have googled a bit more before posting here

Last edited by jlangelier; 07-17-2003 at 11:50 PM.
 
Old 07-27-2003, 02:56 AM   #2
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 49
A normal user is not supposed to install/modify filter rules. Only root can / should do it.

yes, sudo is the work-around.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Can you connect to internet as normal user without run pppd as root ? nasty_daemon Linux - Networking 2 09-13-2005 02:43 AM
X11 DRI 3d performance won't run as a normal user? houler Linux - Software 1 04-11-2005 02:43 AM
can,t run kde as normal user. little_ball Slackware 1 12-29-2004 11:13 AM
Warcraft 3 Won't Run Anymore For Normal User GT_Onizuka Linux - Games 5 01-25-2004 12:05 PM
How to run Arson as a normal user Mojojo Linux - Software 0 07-10-2003 06:36 PM


All times are GMT -5. The time now is 10:22 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration