On Sat, 2024-01-13 at 10:24 +0530, Andinus via beginners wrote: > hw @ 2024-01-12 18:49 +01: > > > Thanks, I thought about sudo and figured it needs a password being > > entered. If that works without, I'll start programming and test if > > something else gets in the way :) > > You can configure sudo to not ask for a password. >
Thanks! I created the daemon (called mcpd), a system user named mcpd, a service file that runs the daemon as that user and made a file /etc/sudoers.d/mcpd: mcpd ALL = NOPASSWD:/usr/sbin/shutdown -r +2, /usr/sbin/shutdown -s +2, /usr/sbin/shutdown -c That works with sudo, so I don't need to install another package for this. I want to specify the host name instead of ALL to be a bit more secure. At first I used the FQDN of the host, then localhost, instead of ALL. Both do not work but give an error message from sudo that the user at host can not be identified. I'm guessing that ALL means any host, which is not what I want. (The man page of sudoers is rather convoluted and thus unhelpful ...) What do I need to use there instead of ALL to limit the allowance for executing above commands to mcpd on localhost? [1] suggests that this is possible (in section 12.3.). Why wouldn't that work on Fedora? [1]: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_basic_system_settings/managing-sudo-access_configuring-basic-system-settings -- To unsubscribe, e-mail: beginners-unsubscr...@perl.org For additional commands, e-mail: beginners-h...@perl.org http://learn.perl.org/
