On 20200628 18:21:57, ToddAndMargo via users wrote:
On 2020-06-28 17:58, jdow wrote:
On 20200628 15:30:34, ToddAndMargo via users wrote:
On 2020-06-28 13:15, Tom H wrote:
On Sun, Jun 28, 2020 at 10:01 PM ToddAndMargo via users
<users@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
On 2020-06-28 12:16, ToddAndMargo via users wrote:
I am trying to use sudo to work around the following bug
I posted:
ifdown access denied with USERCTL=yes
https://bugzilla.redhat.com/show_bug.cgi?id=1828100
I wish they'd fix the bug, but it does not seems like it
is every going to get any attention.
So anyway, I fired up `sudovi` and added the following
at the end of /etc/sudo.conf`:
## Allows members of the users group to down eno2
%users ALL=/usr/libexec/nm-ifdown eno2
Now when I run it from the command line, I get:
$ /usr/libexec/nm-ifdown eno2
Error: failed to load connection: access denied.
Questions:
1) I thought `sudovi` caused sudo to reread sudo.conf
on its exit. Am I mistaken? And if so, how do I
force a reread?
2) what is wrong with the syntax of the command I added
to sudo.conf?
It's "/etc/sudoers.conf".
Hi Tom,
Obviously not the right one.
$ ls -al /etc/sudo.conf
-rw-r--r--. 1 root root 3953 Mar 27 01:50 /etc/sudo.conf
$ less /etc/sudu.conf
#
# Default /etc/sudo.conf file
#
# Sudo plugins:
# Plugin plugin_name plugin_path plugin_options ...
#
# The plugin_path is relative to /usr/libexec/sudo unless
# fully qualified.
# The plugin_name corresponds to a global symbol in the plugin
# that contains the plugin interface structure.
# The plugin_options are optional.
#
# The sudoers plugin is used by default if no Plugin lines are present.
Plugin sudoers_policy sudoers.so
Plugin sudoers_io sudoers.so
...
It's better to add a file, for example "/etc/sudoers.d/ifdown", with
"visudo -f /etc/sudoers.d/ifdown".
# ls /etc/sudoers.d
pkg-build
# grep -i nm-ifdown /etc/sudoers
%users ALL= NOPASSWD: /usr/libexec/nm-ifdown eno2
Ah ha! This worked:
%users ALL= NOPASSWD: /usr/libexec/nm-ifdown eno2
Better:
%users ALL=(root) NOPASSWD: /usr/libexec/nm-ifdown
I wanted the command to be specific to eno2
Then
$ sudo /usr/libexec/nm-ifdown eno2
Connection 'eno2' successfully deactivated (D-Bus active path:
/org/freedesktop/NetworkManager/ActiveConnection/2)
and `sudovi` did cause the re-read as I thought
There's no "sudovi". There's "visudo" to edit the configuration and
there's "sudoedit" to edit a file as another user.
I commonly will reverse letter.
:'(
does sudoedit reload the conf file when it exits?
Thank you!
-T
May I suggest creating a two line script file?
Name it "eno2down"
#!/bin/bash
/usr/libexec/nm-ifdown eno2
Then your sudo command can be "sudo eno2down".
Store it in /usr/local/bin for everybody.
{^_^} Joanne
Hi Joanne,
I am ahead of you on that one:
$ StartStopEth1
Usage: ./StartStopEth1 {start|stop|status} (case sensitive)
It is 145 lines long!
I am currently switching all my bash programs over to
Raku (perl 6). Got some humdingers too!
-T
The point is, you do not have to worry about passing parameters which you seem
to be having difficulty with using sudo. Two simple lines. And that can applied
to start and status as well.
{^_^}
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
