Locking down specific nmcli actions
Going through Lab 35.1, it occurred to me that on my system at least (CentOS 7), the ability to take down an interface etc. is not restricted in any way - i.e. any normal user is able to take a network connection down, etc.
From what I can tell, creating a rule using polkit would be the way to go to modify this behaviour. Before I potentially jump down a rabbit hole, I was wondering if anyone had come across a better\simpler way of doing this?