Re: [exim] sudo - iptables trick

Top Page
Delete this message
Reply to this message
Author: John Hall
Date:  
To: Marc Perkel
CC: exim-users
Subject: Re: [exim] sudo - iptables trick
On 4/15/06, Marc Perkel <marc@???> wrote:

> > You could configure sudo to allow mail to run iptables as root without
> > a password.


> It's not quite that simple. The OS allows me to run iptables but when
> iptables runs it responds with:
>
> iptables v1.3.0: can't initialize iptables table `filter': Permission
> denied (you must be root)
>
> So - mail has to be root and then run iptables.


Yes, but if you configure sudo appropriately you can type 'sudo
iptables' and it will be run as root. See 'man sudo'.


$ /sbin/iptables -L
iptables v1.2.11: can't initialize iptables table `filter': Permission
denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination


Chain FORWARD (policy ACCEPT)
target     prot opt source               destination


Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination



cheers,
John