Michael Tremer wrote:

>> Can someone point me in the right direction for peeking unbound
>> statistics from perl/cgi scripts? I’ve tried sudo-ing (I’d rather not,
>> for security reasons), separate bash scripts and qx/backticks, they all
>> seem to fail with exit code 256 which seems to be a permission problem.
>> Running anything from an SSH session obviously succeeds, because then I
>> have all the rights I need.
> 
> Depending how fit you are with C, you can build such a “setuid binary”
> yourself. There is plenty of inspiration here:
> 
I had the same problem when porting the IPCop Banish addon to IPFire because 
the setuid binary program that was bundled with the original Banish addon 
did not run on a lot of the hardware I was using for testing. 

As a workaround I added my update command to  /etc/sudoers as
 nobody ALL=NOPASSWD: /your/command/here
so it can be run from the cgi with sudo. 

I suspect that this has security implications so use at your own risk.

> https://git.ipfire.org/?p=ipfire-2.x.git;a=tree;f=src/misc-progs;h=a1a3f2c9ca75d8077a6f3d122b7a5e7ffaa71432;hb=HEAD
> 
> But since you have said that you are not a developer, this might be a
> little bit hard :) Let me know where I can help out.
> 

Thank you for the links Michael this should be the way I should go with 
Banish. I'll see if get something compiled for my prog.

HTH

Rob