restricting cp/mv in a folder
Ritesh Raj Joshi
ritesh at mos.com.np
Wed Aug 9 03:44:11 EDT 2000
HI all!
Actually the following does work when I provide the full path to the file
when I use sudo and only does not work when I am inside /var/mail and try
to do it by mentioning only the file name as I am already in the working
directory.
My sudoers file:
-----------------------------------------------
Cmnd_Alias COPY = /bin/cp /var/mail/[A-z]*
Cmnd_Alias MOVE = /bin/mv /var/mail/[A-z]*
SUPPORT ALL=(root) COPY, MOVE
--------------------
OR
--------------------
Cmnd_Alias COPY = /bin/cp /var/mail/*
Cmnd_Alias MOVE = /bin/mv /var/mail/*
SUPPORT ALL=(root) COPY, MOVE
---------------------------------------------------
Any of the above work now.
Hence I see that one has to provide the full path to the file as mentioned
in the sudoers file.
The following does not work:( I was trying it this way )
$ sudo cp mail1 mail2 (sitting inside /var/mail where mail1 is 600 mode)
This works: ( how stupid of me that I did not try this before )
$ sudo cp /var/mail/mail1 /var/mail/mail2 (sitting anywhere)
Both holds true for mv as well.
So my question is:
Is it mandatory to provide the full path like above?.. I guess so now!
Any insights here ?
Rgds,
\\Ritesh
| r i t e s h r a j j o s h i
| system administrator
| MERCANTILE COMMUNICATIONS PVT. LTD
| www.mos.com.np
| hotline:240920
More information about the sudo-users
mailing list