0
I want to create an interface similar to that of a dsl router where you can edit network settings in the browser and restart the router with new settings. I want to edit some settings in the browser and run a systemd service via a button or something similar. e.g I want to submit an html form to python CGI script which would then modify the eth1.network file and restart the networkd service. I have an embedded Linux device with Apache web server running on it.
The problem is: Apache web user is not allowed to start/stop system services and of-course i don't want to allow the www-data to start/stop systemd services.
How can i start/stop systemd services from the browser without allowing root privileges to www-data user. I know that web server should never be allowed to access services or any thing out side the root folder 'var/www/' for security reasons.
How does a DSL router accomplishes this? one solution that I found is here Is it safe to allow www-data to execute privileged commands but i dont know how can i implement that. I would apreciate any guide or examples.