[sudo-users] Sudo and wildcards, best practices
Alexandre Lucas
alexandremlucas at gmail.com
Wed Dec 15 22:18:34 EST 2010
Hello there,
I am setting up my sudoers in order to have a bit more restriction regarding
commands execution, however, I'm having some problems with sudoers syntax
and wildcards to specify entires directories as a parameter.
In a practical way, I have to configure a group to be able to view all files
from a directory and sub dirs.
At frist, I've tried in sudoers:
/bin/cat /myApplication/[!'..']*
It works only for the files that are, exactly, in the same level of
directory.
ex. works: $ sudo cat /myApplication/file
ex. doesn't work: $ sudo cat /myApplication/dir1/file
So, as a functional mode, I am writing a new line in the sudoers for each
level of dir that I've to contemplate:
/bin/cat /myApplication/[!'..']*
/bin/cat /myApplication/[!'..']*/[!'..']*
/bin/cat /myApplication/[!'..']*/[!'..']*/[!'..']*
Question: Is the any sudo syntax that reduces this command set? I mean, a
better way to write this logic...
atenciosamente,
Alexandre M. Lucas
More information about the sudo-users
mailing list