problem restricting chown to a certain dir. and a certain group of users

Ritesh Raj Joshi ritesh at
Sun Aug 20 05:27:31 EDT 2000

Same here. I was about to post it on the list too!
Any inputs?



  |  r i t e s h   r a j   j o s h i
  |  system administrator
  |  hotline:240920

On Fri, 18 Aug 2000, Rich Quinn wrote:

> Hi,
> I am trying to get my command alias to work in conjunction with a user alias.
> I am trying to restrict my users so that they can only use the chown
> command inside of a certain directory and, on top of that, they can only
> chown  
> to certain users listed in the User_Alias SS.
> I have been able to restrict which directory they can run chown in easily
> via the 
> CHOWN Cmnd_Alias.
> However, I cannot seem to get sudo to restrict chown with regard to which
> directory 
> to run chown in together with which users it can chown to.
> ===========================================================================
> # sudoers file.
> User_Alias      SS = bob, stan, kim
> Cmnd_Alias      CHOWN = /bin/chown SS /net/usr1/[A-z]*, /bin/chown -R SS
> /net/usr1/[A-z]*
> root    ALL=(ALL) ALL
> ===========================================================================
> So, if I change the above Cmnd_Alias in my sudoers file to substitute user
> kim for 
> User_Alias SS, then I can do the following without any problems:		
> $ sudo chown kim /net/usr1/any_dir	
> However, if I leave the User_Alias and the Cmnd_Alias above as it is in my
> sudoers file, 
> I get an error that the sudo user cannot perform that operation.  
> Any ideas?
> thanks, 
> Rich
> ____________________________________________________________ 
> sudo-users mailing list <sudo-users at>
> For list information, options, or to unsubscribe, visit:

More information about the sudo-users mailing list