On 11/20/2014 03:28 PM, John Jason Jordan wrote:
> On Wed, 19 Nov 2014 15:05:22 -0800
> David <[email protected]> dijo:
>
>> On 11/19/2014 02:31 PM, John Jason Jordan wrote:
>>> I want to disconnect and later reconnect eth1* in a bash script.
>>> "Sudo ifconfig eth1 down" and then later "...up" will do it, but
>>> every time I run the script I will have to pump in my password.
>
>> The good news is that you can resolve the issue by modifying your
>> sudoers file to not require a password for the ifconfig command.
>>
>> Using the visudo command, you can follow this template I have:
>>
>> Cmnd_Alias NETWORK = /sbin/ifconfig, /usr/sbin/wpa_gui, \
>> /sbin/dhclient, \
>> /etc/init.d/networking, /usr/sbin/iftop
>>
>> dafr ALL=PASSWD: ALL, NOPASSWD:NETWORK,TOOLS,PMTOOLS
>>
>> In your follow-up email, you pointed to something that sounds like
>> routing issues, but without more information it would be hard to
>> verify that, and pointless if you can use this as a solution and don't
>> require both interfaces up at the same time.
>
> Configuring the interfaces with other parameters, as well as routing
> issues are matters of which I have little ken.
>
> I should add that I pored through nmcli and couldn't find any way that
> it would accomplish what I want without sudo, but I must admit that I
> understood only about half of what I was reading. It seemed to be
> mostly a tool for shortening commands, e.g., so you could type 'con'
> instead of 'connection.'
>
> The suggestion to use the visudo command sounds like the easiest
> solution, except that your template doesn't work for me and I don't know
> how to fix it. That is, I pasted it at the end of the sudoers file. and
> changed 'dafr' (which I assume is your username) to 'jjj,' wrote out
> the file and exited nano (Ubuntu uses nano instead of vi). Then I gave
> the command 'ifconfig eth0 up' as jjj, and got the usual permission
> denied message.
I despise NetworkManager so it's one of the first things I strip from
any system I manage. Consequently I can't help you with the nmcli stuff.
As for issues with the /etc/sudoers file, I can provide a few insights
on what to check for, and what yours might look like:
--- begin ---
Cmnd_Alias NETWORK = /sbin/ifconfig, /usr/sbin/wpa_gui, \
/sbin/dhclient, /etc/init.d/networking
jjj ALL=PASSWD: ALL, NOPASSWD:NETWORK
--- end ---
It's important to note that after the backslash of the first line that
there be a hard return (read: no white space). This is a line
continuation character and the file behaves differently without the
backslash-return combo.
I have other aliases built into my sudoers file and you won't, so remove
those as well.
After all that, you can test it manually:
$ sudo ifconfig $options
You should get just the output of the command back and not be prompted
for a password.
Incidentally, you can change the default editor for that kind of thing
by adding 'export EDITOR=/usr/bin/vi' or other editor of choice to your
login files for your jjj user account.
dafr
_______________________________________________
PLUG mailing list
[email protected]
http://lists.pdxlinux.org/mailman/listinfo/plug
