[sudo-users] IMHO -> sudo-users Digest, Vol 37, Issue 12

Stoddard, Kevin M Kevin.Stoddard at ihs.gov
Fri Jan 27 15:22:18 EST 2006 

You may want to consider setting up a group, such as, "WEBFOLKS", assign the necessary users to this group, and then create, "chmod root.WEBFOLKS", rights to /opt/WebSphere/*.  Since you appear to desire "giving away the farm" to everyone, sudo doesn't really make it simple.  As you discovered, sudo only gives group rights to one level of a directory.

I'm assuming you wish to give not only execute privileges to applications in those directories but the ability to read and right data files, as well.  The above approach is probably the easiest way to accomplish your goals.  If it is only execute privileges you want to give, and, if the number of programs is manageable, you can do this:
	1) create a directory that gives all users execute privilege,
	2) create links in this directory to those programs you wish them to use,
	3) you now can create a sudo, group directory, to this new directory.

(This worked for me on RH Linux, version 8.0.  I am in the process of testing it on AIX 5.2)

Hope this is of some help...
Kevin



Today's Topics:

   1. Help with Sudo (dprice1 at metlife.com)

----------------------------------------------------------------------

I need to give a group full root access to a directory /opt/WebSphere  and
all its subdirectories.  The only way I know to do this is by using a
wildcard /opt/WebSphere/*  but that seems to only give me access to
anything within that directory but not any of the subdirectories.

Is there an easy way to give full root access to /optWebSphere and all of
its 1500+ subdirectories.

Any suggestions would be greatly appreciated.

Thank you.
Dean Price
dprice1 at metlife.com
The information contained in this message may be CONFIDENTIAL and is for the intended addressee only.  Any unauthorized use, dissemination of the information, or copying of this message is prohibited.  If you are not the intended addressee, please notify the sender immediately and delete this message.


------------------------------

More information about the sudo-users mailing list