locking install/upgrade/remove in sudoers

Asked by Seb on 2010-10-04


I was just looking at the script for locking down webcontentcontrol (changing sudoers to prevent access to it).

I was wondering if it was possible to edit sudoers to also block removing/installing/updating dansguardian and firehol while still being able to install/update/remove other programs?

This would allow a user to continue using ubuntu as normal (installing apps as needed) and have a filter they can't turn off (currently if you uninstall firehol the filter doesn't work).

Question information

English Edit question
WebContentControl Edit question
No assignee Edit question
Last query:
Last reply:
Seb (sebas-home1) said : #1

Thanks in advance for any help

KIAaze (zohn-joidberg) said : #2

You can create a script calling apt-get, but filtering out any attempt to remove dansguardian, tinyproxy or firehol.
Then you just give the user sudo permissions on this script instead of apt-get.

Have a look at what Eric Duveau did here:

KIAaze (zohn-joidberg) said : #3

If you write such a script, let me know and I'll add it to the repository. :)
(Or you can join the team and add it yourself.)

Can you help with this problem?

Provide an answer of your own, or ask Seb for more information if necessary.

To post a message you must log in.