full access on perticular folder

[Sadananda B Rai]

Thank you for the reply.
   At least can I allow to run /bin/* on /var/* ?? i tried sudo setup like
this...

User_Alias FULLTIME = rai,test
FULLTIME  ALL = (ALL)  PASSWD: /bin/mkdir /var/*, /bin/cp /var/*, /bin/rm
/var/* /bin/mv /var/*

It works but is there any way atleast I can say

User_Alias FULLTIME = rai,test
FULLTIME  ALL = (ALL)  PASSWD: /bin/* /var/*, /usr/local/bin/* /var/*

it works on some commands. For example "sudo tar xvzf /var/test.tgz"
Sorry, user rai is not allowed to execute 'sudo tar xvzf /var/test.tgz' as
root on server.
 Need more help on this. if this works I am fine.

Rai



-----Original Message-----
From: Herbert Wengatz [mailto:Herbert.Wengatz at partner.bmw.de]
Sent: Tuesday, April 29, 2003 5:42 PM
To: srai at zeomega.com
Cc: sudo-users at sudo.ws
Subject: Re: full access on perticular folder


Perhaps you have more in mind to "chroot" his environment?

Read the manpage (man chroot) for chroot and think about it.

IMHO it's not done (or even doable?) with sudo.

Yours,

Herbert


srai at zeomega.com wrote:

> Hello All,
>         As I am new to Linux, I need some help on sudo. I am using sudo
and
> it's working fine. Right now I have one user called "rai" who can do
> anything as root using sudo.
>         But, This user work full time only on his home folder and /var, I
> want something like he can run all the commands as root only in /var/* and
> he should not be able to run anywhere else as sudo. Sudo should allow
> commands as root only in /var/*. I tried googling but didn't get more on
> this. Is anybody can help me or is if my concept is wrong any other
> suggestions appreciated. Thanks in advance
>
> Rai
>
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users

Unix is the only operating system, where 'more magic' really works.