Debian, sudoers and restarting networking


Recommended Posts

Hey guys, I'm trying to allow my web interface to restart networking after I change the IP Address (I'm going to edit /etc/network/interfaces - that will work right?)

My sudoers file looks like thus:

#Command Aliases
Cmnd_Alias SETDATE = /bin/date, /sbin/hwclock
Cmnd_Alias SHUTDOWN = /sbin/shutdown
Cmnd_Alias RESTART_NETWORK = /etc/init.d/networking start

www-data		ALL = NOPASSWD: SHUTDOWN, SETDATE, RESTART_NETWORK
root	ALL=(ALL) ALL

When the user tries to run the command though I get,

Configuring network interfaces...ifup: failed to open statefile /etc/network/run/ifstate: Permission denied

failed.

Any ideas? I tried chmoding the whole folder to 777 to no avail, but perhaps I'm not understanding the error correctly. :blush:

Link to comment
Share on other sites

No, don't change the permissions of that file.

To add "user" to the sudo list. "user" will have administration rights and no password will be asked. Is that what you need?

# Members of the admin group may gain root privileges
user ALL=NOPASSWD: ALL

Edited by LechioPT
Link to comment
Share on other sites

No, don't change the permissions of that file.

To add "user" to the sudo list. "user" will have administration rights and no password will be asked. Is that what you need?

# Members of the admin group may gain root privileges
user ALL=NOPASSWD: ALL

Argh, damn you :p I just spent all this time trying to find out what group networking comes under :p.

Umm, I don't want www-data to be able to run all commands as root, just a select few to reduce the chances of someone doing something naughty. :)

Edit Edit: All good, kinda, changed the line to this,

www-data ALL=NOPASSWD: RESTART_NETWORK, SETDATE, SHUTDOWN

Edited to remove my silly mistakes. :)

Edited by Pc_Madness
Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.