Re: [exim] sudo - iptables trick

Top Page
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim users
Subject: Re: [exim] sudo - iptables trick
Bill Hacker wrote:

>
>
> John Hall wrote:
>
>> On 4/15/06, Marc Perkel <marc@???> wrote:
>>
>>
>>
>>> Trying a load reduction trick which I will share if it works. Running
>>> into a little snag and this is probably simple but I need to get user
>>> mail to run iptables that requires user root to run, and without havinf
>>> to use a password to do it.
>>>
>>
>>
>> You could configure sudo to allow mail to run iptables as root without
>> a password.
>>
>> cheers,
>> John
>>
>
> It's not quite that simple. The OS allows me to run iptables but when
> iptables runs it responds with:
>
> iptables v1.3.0: can't initialize iptables table `filter': Permission
> denied (you must be root)
>
> So - mail has to be root and then run iptables.
>


Or - see my other post - mail has to set a trigger or flag that
will cause root to do the job for it.

*Much* safer....

Bill