[SOLVED] User permissions to see IPTables rules & packets.
Dear all,
I'm trying to grant access to my account user to see IPTables rules and packets statistics w/o using the Root account.
How may I do it?
I've tried to add the line: user localhost= NOPASSWD: /sbin/iptables -vnxL to my Sudoers file... but still IPTables blocks me.
It seems like IPTables itself is blocking the user account and not the system permissions.
P.S I'm using CentOS 6.3 & Fedora 17 in parallel.
Thanks in advance.
Last edited by CrAzYoNi; 10-20-2012 at 12:10 PM.
Reason: Solved thanks to Nugat
<code>
# cat /etc/sudoers | grep user
user localhost=(root) NOPASSWD: /sbin/iptables -vnxL
##
$ iptables -vnxL
iptables v1.4.14: can't initialize iptables table `filter': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
</code>
When logged in as the user, what does this command tell you?
Code:
sudo -l
(that is a lower case L, not a "one")
Edit: The "localhost" you've used in your rule must be the hostname of the system. If it isn't, change it to that, or use ALL.
Last edited by nugat; 10-20-2012 at 11:10 AM.
Reason: hostname
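The host and command matching that the reply above asks about, as an added example (not part of the thread and not sudo's own code): a simplified shell model of how one sudoers line is matched, handling only literal names and ALL. The function name `check_rule` and the machine name `centos63` are constructed for the illustration.

```shell
#!/bin/sh
# Simplified model of matching one sudoers line "user host=(runas) TAG: command".
# Literal names and ALL only; aliases, lists and wildcards are not handled.

# check_rule RULE USER HOSTNAME "COMMAND WITH ARGS"
# Prints one verdict word; returns 0 only for "match".
check_rule() {
    rule=$1; who=$2; host=$3; cmd=$4
    lhs=${rule%%=*}                  # e.g. "user localhost"
    rhs=${rule#*=}                   # e.g. "(root) NOPASSWD: /sbin/iptables -vnxL"
    set -f; set -- $lhs; set +f      # split "user host" on whitespace
    rule_user=$1; rule_host=$2
    # Drop the optional (runas) part and one TAG: prefix, keep command + args.
    rule_cmd=$(printf '%s\n' "$rhs" | sed -e 's/^[[:space:]]*//' \
        -e 's/^([^)]*)[[:space:]]*//' \
        -e 's/^[A-Z_][A-Z_]*:[[:space:]]*//' -e 's/[[:space:]]*$//')

    if [ "$rule_user" != ALL ] && [ "$rule_user" != "$who" ]; then
        echo user-mismatch; return 1
    fi
    # The host field is compared with the machine's own name (long or short form).
    if [ "$rule_host" != ALL ] && [ "$rule_host" != "$host" ] &&
       [ "$rule_host" != "${host%%.*}" ]; then
        echo host-mismatch; return 1
    fi
    case $rule_cmd in
        ALL) ;;
        # Arguments listed in the rule must be given exactly as written.
        *' '*) [ "$rule_cmd" = "$cmd" ] || { echo command-mismatch; return 1; } ;;
        # A bare path in the rule allows any arguments.
        *) [ "$rule_cmd" = "${cmd%% *}" ] || { echo command-mismatch; return 1; } ;;
    esac
    echo match
}

# Constructed sample: the rule from the thread on a machine assumed to be named "centos63".
RULE='user localhost=(root) NOPASSWD: /sbin/iptables -vnxL'
RULE_ALL='user ALL=(root) NOPASSWD: /sbin/iptables -vnxL'
check_rule "$RULE"     user centos63 '/sbin/iptables -vnxL' || true
check_rule "$RULE_ALL" user centos63 '/sbin/iptables -vnxL' || true
check_rule "$RULE_ALL" user centos63 '/sbin/iptables -L'    || true
```

On the real system, `sudo -l` run as the user shows which rules sudo actually applies; a grant like this covers `sudo /sbin/iptables -vnxL`, not `iptables -vnxL` run directly.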
I've run "sudo -l" as the user, just after creating a new tab on my Desktop (Gnome) env.
There is another user account instead of "user" which I'm just replacing here in the output.
And I've noticed your edit + tried ALL & Localhost already.
I'm using several hostnames to my system... localhost is replying to pings though (as the local machine).
iptables v1.4.7: can't initialize iptables table `filter': Permission denied (you must be root)
On the zabbix-agent server you could try to add "AllowRoot=1" to /etc/zabbix/zabbix_agentd.conf
Use echo AllowRoot=1 >> /etc/zabbix/zabbix_agentd.conf
Then restart zabbix-agent
/etc/init.d/zabbix-agent restart
On the zabbix-server you could run your own shell again.