1 |
On Mon, 2006-10-02 at 21:31 +0100, Neil Bothwick wrote: |
2 |
> On Mon, 2 Oct 2006 15:38:39 -0400, Devon Miller wrote: |
3 |
> |
4 |
> > emerge app-admin/sudo |
5 |
> > |
6 |
> > Edit /etc/sudoers and add: |
7 |
> > |
8 |
> > username ALL= NOPASSWD: /etc/init.d/ner.wlan0 |
9 |
> > |
10 |
> > Where username is his login. To run it: |
11 |
> > sudo /etc/init.d/net.wlan0 restart |
12 |
> |
13 |
> A slightly more secure approach is to create a script to do what you want |
14 |
> the user to be able to do and add that to /etc/sudoers. Then you control |
15 |
> how the commands are executed as well as which commands. |
16 |
|
17 |
you can put arguments in the sudoers file. For example, |
18 |
|
19 |
username ALL=(ALL) NOPASSWD: /etc/init.d/net.wlan0 start |
20 |
|
21 |
would only allow "username" to start wlan0, but not stop / restart / |
22 |
anything else. |
23 |
|
24 |
(I would actually allow a restart, because sometimes my wlan0 goes down |
25 |
and the only way to get it back is to stop and start it). |
26 |
|
27 |
so for example, you could also say |
28 |
username ALL=(ALL) NOPASSWD: /sbin/fdisk -l |
29 |
|
30 |
which would allow username to run the safe fdisk -l, but not the unsafe |
31 |
fdisk. |
32 |
|
33 |
HTH, |
34 |
-- |
35 |
Iain Buchanan <iaindb at netspace dot net dot au> |
36 |
|
37 |
In the next world, you're on your own. |
38 |
|
39 |
-- |
40 |
gentoo-user@g.o mailing list |