0

Background: I am trying to implement dynamic routing for a system.

Is it possible to create a super user that is restricted to changing the routing table? Something like a restricted sudo that can only run route or ip route?

I don't know exactly what would be the best way to do this, everything I think about is rather awkward. One idea I had was to run a service and simple write a file with the new table information and check whether that file changed.

The solutions I found were really strange, using virtual machines, which I would rather avoid.

Is there a good/safe or canonical way of doing this?

Thank you!

user27221
  • 111
  • 6

1 Answers1

0

Sure, you can use bird, which already implements all the kinds of dynamic routing protocols. It's the topnotch routing deamon at tis time (mid-spring 2021). It runs from root; however, I really doubt you need to restrict it.

The approach you describing sounds more like reinventing the wheel. The triangle wheel.

drookie
  • 9,120
  • 1
  • 21
  • 29