[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Time to rethink ifupdown

On Sun, 20 Aug 2006 16:11:16 +0700, David Goodenough <david.goodenough@btconnect.com> wrote:

Obviously if you are configuring a server you do not want others than the
administrator setting up the network, but if you are the sole user of a
laptop there needs to be a safe way for the user (non-technical) to do
this as the user moves from one location to another.

One option that has occurred to me is to establish a group which is allowed to edit /etc/network/interfaces. The obvious problem with this is the up and down commands, which allow any program to be run as root. Fortunately there is an answer, which is to use the "macro" facility that ifupdown has (the one used for wireless-xxx) and then it gets controllable and therefore safe (if used properly). This would need either to abandon up and down all together or to have a switch (presumable in /etc/defaults/ifupdown) which enabled the
use of this group and disabled the use of up and down.

When a laptop user moves between usual locations, there should be no need to edit /etc/network/interfaces. If you mean adding new locations, there really should be user-friendly tools which do it.

Alexey Feldgendler <alexey@feldgendler.ru>
[ICQ: 115226275] http://feldgendler.livejournal.com

Reply to: