Hi all, could someone tell me if it is possible (or have one) to write korn shell script that allow regular user to use some dangerous commands as root (sudo root commands) like chown, chmod, etc...but limit that user to certain directories on the server?..that way the regular user can't do any damage to /, /usr, /etc, /var, /tmp when executing root commands via sudo. Thank you for your time.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
root script for regular user
- Thread starter bhhhoang
- Start date
You can control this in /etc/sudoers.
e.g.
root:/# visudo
user1 ALL = /bin/chmod ??? /TARGETDIR/*
of course, you might want to add another entry (for ls) if the user does not know what the contents of the target directory would look like.
The _proper_ way would be to use new group for all target directories and grant this user group write access, or at worst using a ACL to give special permissions...
-Niel
e.g.
root:/# visudo
user1 ALL = /bin/chmod ??? /TARGETDIR/*
of course, you might want to add another entry (for ls) if the user does not know what the contents of the target directory would look like.
The _proper_ way would be to use new group for all target directories and grant this user group write access, or at worst using a ACL to give special permissions...
-Niel
- Status
Similar threads
- Locked
- Question