Re: vpnc client in debian: setup for normal users
Apparently, _H. S._, on 19/05/05 16:24,typed:
>
> Here is the sudo config I am using to allow users 'user1' and 'user2' to
> using VPN:
> #############################################
> ~# cat /etc/sudoers
> # /etc/sudoers
> #
> # This file MUST be edited with the 'visudo' command as root.
> #
> # See the man page for details on how to write a sudoers file.
> #
> # Host alias specification
> # User alias specification
> User_Alias VPNUSERS = user1, user2
> # Cmnd alias specification
> Cmnd_Alias VPNCOMMANDS =
> /usr/sbin/vpnc,/usr/sbin/vpnc-connect,/usr/sbin/vpnc-disconnect
> # User privilege specification
> root ALL=(ALL) ALL
> VPNUSERS ALL=VPNCOMMANDS
> #############################################
>
> I then put this in .bashrc of the two users:
> #my aliases
> alias vpnopen='sudo vpnc-connect'
> alias vpnclose='sudo vpnc-disconnect'
>
> So after this, the users can use "vpnopen univ" to connect to a VPN
> server (whose config file is /etc/vpnc/univ.conf) and "vpnclose" to
> terminate the VPN connection.
>
> Concerning iptables, I did, however, have to give permissions in
> iptables script to allow all outgoing traffic to tun0 device and all
> related, established in through tun0 (in addition to allowing
> nameservers [given for univ VPN server] through eth0 device).
>
> Now sure if I need that "/usr/sbin/vpnc" there in sudo config though.
I guess it is not needed afterall. Just took "/usr/sbin/vpnc" out of
/etc/sudoers and was still able to establish a VPN connection.
->HS
--
Please remove the underscores ( the '_' symbols) from my email address
to obtain the correct one. Apologies, but the fudging is to remove spam.
Reply to: