Linux: Allow Normal Users To Take Down eth1:N But Not eth1 Itself

I‘m using sudo to grant permission to end users under Ububtu Linux. How do I allow users to take down eth1:N but not eth1 itself using sudo?

You can easily prevent users from running ifdown eth1 but allow them to run ifdown eth1:N with sudo as follows:
sudo visudo
Grant permission to admin group users to take down eth1:N
%admin ALL=NOPASSWD: /sbin/ifdown eth1\:*
OR allow user vivek to take down eth1:N:
vivek ALL=NOPASSWD: /sbin/ifdown eth1\:*
vivek ALL=NOPASSWD: /sbin/ifup eth1\:*

Save and close the file. Now user can run take down interface eth1:1 as follows:
sudo /sbin/ifdown eth1:1
OR bring it back:
sudo /sbin/ifup eth1:1
Remove NOPASSWD option if you want to user to supply password.


🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 0 comments... add one


CategoryList of Unix and Linux commands
Disk space analyzersdf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
0 comments… add one

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum