On Sun, Jun 28, 2020 at 10:01 PM ToddAndMargo via users <users@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > On 2020-06-28 12:16, ToddAndMargo via users wrote: >> >> I am trying to use sudo to work around the following bug >> I posted: >> >> ifdown access denied with USERCTL=yes >> https://bugzilla.redhat.com/show_bug.cgi?id=1828100 >> >> I wish they'd fix the bug, but it does not seems like it >> is every going to get any attention. >> >> So anyway, I fired up `sudovi` and added the following >> at the end of /etc/sudo.conf`: >> >> ## Allows members of the users group to down eno2 >> %users ALL=/usr/libexec/nm-ifdown eno2 >> >> Now when I run it from the command line, I get: >> >> $ /usr/libexec/nm-ifdown eno2 >> Error: failed to load connection: access denied. >> >> Questions: >> >> 1) I thought `sudovi` caused sudo to reread sudo.conf >> on its exit. Am I mistaken? And if so, how do I >> force a reread? >> >> 2) what is wrong with the syntax of the command I added >> to sudo.conf? It's "/etc/sudoers.conf". It's better to add a file, for example "/etc/sudoers.d/ifdown", with "visudo -f /etc/sudoers.d/ifdown". > Ah ha! This worked: > > %users ALL= NOPASSWD: /usr/libexec/nm-ifdown eno2 Better: %users ALL=(root) NOPASSWD: /usr/libexec/nm-ifdown > Then > > $ sudo /usr/libexec/nm-ifdown eno2 > > Connection 'eno2' successfully deactivated (D-Bus active path: > /org/freedesktop/NetworkManager/ActiveConnection/2) > > > and `sudovi` did cause the re-read as I thought There's no "sudovi". There's "visudo" to edit the configuration and there's "sudoedit" to edit a file as another user. _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
