LinuxQuestions.org


10110111 08-24-2010 07:50 AM

How to set access permissions on a network interface?
 
Suppose a command:
Code:

$ ethtool eth5
Settings for eth5:
Cannot get device settings: Operation not permitted
Cannot get wake-on-lan settings: Operation not permitted
        Current message level: 0x000000ff (255)
Cannot get link status: Operation not permitted

which means eth5 is not accessible by a normal user. How can I give an ordinary user access to this interface? If eth5 were a file in /dev, I would just change the devnode file permissions. But it's not. So, what's the way?
P.S. sudo is not a good solution since it would make the program execute as root, while I may not want this.

dr_agon 08-24-2010 03:22 PM

Once I used the udev rules for setting permissions for /dev/sda*. It is described in my blog here.
See also
Code:

man 7 udev
I don't know if it will work for eth, it's just a hint.
Good luck.

10110111 08-24-2010 04:41 PM

You misunderstood me. eth? is not a file in /dev - it's not a file at all, so the usual file permissions trick will not help here, which is the very problem I'm trying to solve.

kinetic 08-24-2010 06:44 PM

Udev governs all devices including network devices and anything that is/isn't in /dev. Take dr_agon's advice and start looking at udev rules. I'm sure you'll find what you're looking for. (and no I don't know how to do what you're asking specifically)

Thymox 08-24-2010 07:10 PM

Is the user in question a member of the "netdev" group or equivalent for your system?

--thymox

10110111 08-24-2010 07:31 PM

Quote:

Take dr_agon's advice and start looking at udev rules.
As far as I have currently researched, udev only seems to rename network devices, not manage permissions for them.

Quote:

Is the user in question a member of the "netdev" group or equivalent for your system?
Well... there's no such group on my system (LFS 6.3).
Tried to add the user to this group on Ubuntu, but it didn't give me ethtool eth0 permission.

kinetic 08-24-2010 07:45 PM

This might be something a kernel developer could answer. I wonder if SELinux or anything related to "security profiles" might hold the answer.

corp769 08-28-2010 04:59 PM

Say if you are using ethtool, try chmod'ing u+x for ethtool. Just a thought?

corp769 08-28-2010 05:06 PM

Or possibly /etc/sysconfig/network-scripts/ifcfg-eth0? I am at work, so I don't have access to any of my unix or linux boxes.

10110111 08-29-2010 06:50 AM

Quote:

Say if you are using ethtool, try chmod'ing u+x for ethtool. Just a thought?
ethtool is already executable a+x. It just doesn't have the permissions for some ioctls.
Quote:

Or possibly /etc/sysconfig/network-scripts/ifcfg-eth0?
/etc/sysconfig/network-scripts doesn't exist on both Ubuntu & LFS which I use.

tredegar 08-29-2010 08:35 AM

ethtool needs to be run as root.
Why do you want to give an ordinary user access to ethtool? Perhaps there is an easier way of achieving what you want.

10110111 08-30-2010 03:33 AM

Quote:

ethtool needs to be run as root.
Why do you want to give an ordinary user access to ethtool?
Suppose a user wants to r/w his disk drive (e.g. using dd). But disk drives are only accessible by root. Then you can chmod the disk's /dev entry, and the user wouldn't have to use sudo. Additionally, the user would be able to do anything with the disk given away to him, including writing his own program to operate the disk.

That's the same I want to do with the NIC - just give it away to some user(s), so not only ethtool here, but any ioctl which controls the given network interface.

tredegar 08-30-2010 10:15 AM

Thanks for the explanation.

If you don't want to use sudo, or give the user full root access, maybe let them run in a virtual machine (where they can have root access, without harming the host machine) and give eth5 to the virtual machine.

Otherwise, maybe socat can help you:
Quote:

Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device (terminal or modem, etc.), socket (Unix, IP4, IP6 - raw, UDP, TCP), SSL, a client for SOCKS4, or proxy CONNECT. It supports broadcasts and multicasts, abstract Unix sockets, Linux tun/tap, GNU readline, and PTYs. It provides forking, logging, and dumping and different modes for interprocess communication. Many options are available for tuning socat and its channels. Socat can be used, for example, as a TCP relay (one-shot or daemon), as a daemon-based socksifier, as a shell interface to Unix sockets, as an IP6 relay, or for redirecting TCP-oriented programs to a serial line.

