Apparently, _H. S._, on 19/05/05 16:24,typed: > > Here is the sudo config I am using to allow users 'user1' and 'user2' to > using VPN: > ############################################# > ~# cat /etc/sudoers > # /etc/sudoers > # > # This file MUST be edited with the 'visudo' command as root. > # > # See the man page for details on how to write a sudoers file. > # > # Host alias specification > # User alias specification > User_Alias VPNUSERS = user1, user2 > # Cmnd alias specification > Cmnd_Alias VPNCOMMANDS = > /usr/sbin/vpnc,/usr/sbin/vpnc-connect,/usr/sbin/vpnc-disconnect > # User privilege specification > root ALL=(ALL) ALL > VPNUSERS ALL=VPNCOMMANDS > ############################################# > > I then put this in .bashrc of the two users: > #my aliases > alias vpnopen='sudo vpnc-connect' > alias vpnclose='sudo vpnc-disconnect' > > So after this, the users can use "vpnopen univ" to connect to a VPN > server (whose config file is /etc/vpnc/univ.conf) and "vpnclose" to > terminate the VPN connection. > > Concerning iptables, I did, however, have to give permissions in > iptables script to allow all outgoing traffic to tun0 device and all > related, established in through tun0 (in addition to allowing > nameservers [given for univ VPN server] through eth0 device). > > Now sure if I need that "/usr/sbin/vpnc" there in sudo config though.
I guess it is not needed afterall. Just took "/usr/sbin/vpnc" out of /etc/sudoers and was still able to establish a VPN connection. ->HS -- Please remove the underscores ( the '_' symbols) from my email address to obtain the correct one. Apologies, but the fudging is to remove spam. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
