Re: [exim] sudo - iptables trick

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: John Hall
Dátum:  
Címzett: Marc Perkel
CC: exim-users
Tárgy: Re: [exim] sudo - iptables trick
On 4/15/06, Marc Perkel <marc@???> wrote:

> > You could configure sudo to allow mail to run iptables as root without
> > a password.


> It's not quite that simple. The OS allows me to run iptables but when
> iptables runs it responds with:
>
> iptables v1.3.0: can't initialize iptables table `filter': Permission
> denied (you must be root)
>
> So - mail has to be root and then run iptables.


Yes, but if you configure sudo appropriately you can type 'sudo
iptables' and it will be run as root. See 'man sudo'.


$ /sbin/iptables -L
iptables v1.2.11: can't initialize iptables table `filter': Permission
denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination


Chain FORWARD (policy ACCEPT)
target     prot opt source               destination


Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination



cheers,
John