<div dir="ltr"><div>I have figured it out after some struggling. Sudo won't work due to tty requirement set by default in sudoers. So in order to be able to execute sudo command we need to disable tty requirement for that particular user in /etc/sudoers by adding:</div>
<div> </div><div>Defaults:opensips !requiretty</div><div> </div><div>(where opensips is the userid which opensips runs as)</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">2013/9/20 Stefano Pisani <span dir="ltr"><<a href="mailto:stefano.pisani@omnianet.it" target="_blank">stefano.pisani@omnianet.it</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div>are you sure to know how to configure
sudo?<br>
please post the user used by openSIPS and sudo configuration
(sudoers)<br>
<br>
<br>
<br>
Il 20/09/2013 19.11, Dragomir Haralambiev ha scritto:<br>
</div>
<blockquote type="cite"><div><div class="h5">
<div dir="ltr">
<div>Hello everyone,</div>
<div> </div>
<div>I am trying to execute 'iptables' from opensips in
the script, which works if opensips runs as root. However if
opensips is configured to run as non-privileged user, in order
to control iptables, I have to call iptables via sudo. Command
works on the command prompt when executed manually under the
user opensips run as, but does not seem to execute if run by
opensips itself.</div>
<div> </div>
<div>This is how I try to call it:</div>
<div> </div>
<div>exec_msg("/usr/bin/sudo /sbin/iptables -A INPUT -s $si -p
udp -j DROP"); </div>
<div> </div>
<div>log file says command is executed, but the firewall rules
do not get updated.</div>
<div> </div>
<div>Any idea why?</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div></div><pre>_______________________________________________
Users mailing list
<a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
</blockquote>
<br>
</div>
<br>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br></blockquote></div><br></div>