I want to allow a non-root user to add and delete elements from an nftables (nft) set; any clues how to do it?
Currently I get: Operation not permitted (as expected).
The nft commands in particular are:
$ nft add element inet abc myset { ... }
$ nft delete element inet abc myset { ... }
Mate, I really thank you for your support, and sure, sudo will work and can be constrained to only use specific commands and so on, but it is still too broad and outside the spec:
I’m looking at authorizations, like a polkit directive or so.
This line in the /etc/sudoers file will allow the user to run only the commands in the COMMA_SEPARATED_LIST_OF_CMDS as root, and deny any other commands. How is it too broad? You can even specify arguments, like run this command with these args, but not with those args. You can see the EXAMPLES section of man sudoers for more examples.
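
One way to narrow the sudoers approach discussed in this thread, shown as an added example that is not from any of the posters: sudoers permits a single root-owned wrapper, and the wrapper only ever builds `add element` or `delete element` for `inet abc myset`. The wrapper path, the user name `alice`, the nft path and the assumption that the set holds IPv4 addresses are all hypothetical.

```shell
#!/bin/sh
# Hypothetical wrapper, installed root-owned as /usr/local/sbin/nft-myset.
# Assumed sudoers rule (alice is a placeholder user):
#   alice ALL=(root) NOPASSWD: /usr/local/sbin/nft-myset

# Accept only a dotted-quad IPv4 address, octets 0..255, no leading zeros.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the nft command text for a validated request; return 1 if rejected.
build_nft_args() {
    action=$1
    case "$action" in add|delete) ;; *) return 1 ;; esac
    shift
    [ "$#" -ge 1 ] || return 1
    elems=
    for addr in "$@"; do
        valid_ipv4 "$addr" || return 1
        elems="${elems:+$elems, }$addr"
    done
    printf '%s element inet abc myset { %s }\n' "$action" "$elems"
}

# Run only when called with arguments, e.g.: sudo nft-myset add 192.0.2.10
if [ "$#" -gt 0 ]; then
    cmd=$(build_nft_args "$@") || {
        echo "usage: nft-myset add|delete IPV4..." >&2
        exit 2
    }
    exec /usr/sbin/nft "$cmd"   # nft path is an assumption
fi
```

Because the table, set name and verbs are fixed inside the script and every element is validated, the user cannot reach any other nft operation through this rule.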