Linux: Allow Normal Users To Take Down eth1:N But Not eth1 Itself

by on June 16, 2010 · 0 comments· LAST UPDATED June 16, 2010

in

I'm using sudo to grant permission to end users under Ububtu Linux. How do I allow users to take down eth1:N but not eth1 itself using sudo?

You can easily prevent users from running ifdown eth1 but allow them to run ifdown eth1:N with sudo as follows:
sudo visudo
Grant permission to admin group users to take down eth1:N
%admin ALL=NOPASSWD: /sbin/ifdown eth1\:*
OR allow user vivek to take down eth1:N:
vivek ALL=NOPASSWD: /sbin/ifdown eth1\:*
vivek ALL=NOPASSWD: /sbin/ifup eth1\:*

Save and close the file. Now user can run take down interface eth1:1 as follows:
sudo /sbin/ifdown eth1:1
OR bring it back:
sudo /sbin/ifup eth1:1
Remove NOPASSWD option if you want to user to supply password.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 0 comments… add one now }

Leave a Comment

Tagged as:

Previous Faq:

Next Faq: