[sudo-users] sudoers config
christian.peper at kpn.com
christian.peper at kpn.com
Tue Aug 12 06:46:55 EDT 2008
> -----Original Message-----
> From: sudo-users-bounces at courtesan.com
> [mailto:sudo-users-bounces at courtesan.com] On Behalf Of
> dave.parson at daimler.com
> Sent: Thursday, August 07, 2008 9:23 PM
>
> The intent is to allow a group of users to run (2) specific
> commands, and only within a directory structure (but all sub
> directories).
>
>
> They can run "Installer.sh" and "uninstaller.sh" - but only in any
> subdirectory in /pai.
>
> Will this work ?.
>
> Cmd_Alias PAICMDS=/pai/* Installer.sh, /pai/* uninstaller.sh
> ## Note
> there is a space between /pai/* and the command they are
> allowed to run
Dave,
I don't think the space will work. Sudo needs absolute paths, as far as
I know.
You can try inserting the * in it, but I would use /pai/*/Installer.sh
in any case.
You can debug sudo and see which commands are or are not allowed, using
sudo -l (l as in "list"). That way you can see what the effect is of
different paths inside PAICMDS. But I am fairly sure sudo will get
confused with the * in the path.
As an alternative, can you create symbolic links in every subdirectory
and only list /pai/Installer.sh in sudoers?
Hope this helps,
Chris.
More information about the sudo-users
mailing list