Edit sudoers to allow /sbin/ifconfig down with NOPASSWD

1

1

I'm trying to edit /etc/sudoers so that I can execute a bash script with a root password.

so far every edit I've tried to sudoers is not working.

I've tried adding each of these lines: 

%admin    ALL= NOPASSWD: /sbin/ifconfig

%admin    ALL=(ALL) NOPASSWD: /sbin/ifconfig

%users    ALL=(ALL) NOPASSWD: /sbin/ifconfig

"myusername"  ALL=(ALL) NOPASSWD: /sbin/ifconfig

Each time I am able to save and quit out of visudo without any warning about syntax errors. But then when I try to execute the ifconfig command from my admin account, it still says 'permission denied' 

ifconfig en0 down
ifconfig: down: permission denied

Can someone please tell me what is going wrong? thanx

vgndc

Posted 2013-03-09T22:55:38.090

Reputation: 19

Answers

3

You have to prefix your command submission with 'sudo'. In your case, the command would be:

 sudo ifconfig en0 down

Also, with your config you are allowing ANY ifconfig command line parameters to be used. The correct and much more restrictive sudoers entry is:

 %admin     ALL=(root) NOPASSWD: /sbin/ifconfig en0 down

Please do read the man pages on sudo and look at the various good sources of sudo information out there via google.

mdpc

Posted 2013-03-09T22:55:38.090

Reputation: 4 176

Asked: 2013-03-09T22:55:38.090

Viewed: 3 801 times

Active: 2013-03-10T01:27:02.957