I‘m using sudo to grant permission to end users under Ububtu Linux. How do I allow users to take down eth1:N but not eth1 itself using sudo?
You can easily prevent users from running ifdown eth1 but allow them to run ifdown eth1:N with sudo as follows:
Grant permission to admin group users to take down eth1:N
%admin ALL=NOPASSWD: /sbin/ifdown eth1\:*
OR allow user vivek to take down eth1:N:
vivek ALL=NOPASSWD: /sbin/ifdown eth1\:*
vivek ALL=NOPASSWD: /sbin/ifup eth1\:*
Save and close the file. Now user can run take down interface eth1:1 as follows:
sudo /sbin/ifdown eth1:1
OR bring it back:
sudo /sbin/ifup eth1:1
Remove NOPASSWD option if you want to user to supply password.