[sudo-users] Restrict commands to a specific directory tree

Russell Van Tassell russell+sudo-users at loosenut.com
Sat Apr 18 14:23:14 EDT 2009

You'll most-likely need to script something like that, if you really
need repeated chown/chmod in a given tree... there's nothing native in
sudo to restrict a user to a directory structure.  If you really want to
use sudo for it, chances are a simple script or two can provide the
functionality you need (eg. one script that auto-fixes an entire tree,
another that works under a chroot'd environment and takes arguments,

Note: generally you can get creative with un*x permissions (including
things like stick bits) to accomplish limited shared files or similar.
Most modern OSes also include things like ACLs these days, which go over
and above traditional un*x permissions.

On Sat, Apr 18, 2009 at 12:13:44PM -0400, KENNEY, William P. (Info. Tech. Services) wrote:
> Hello,
> I would like to give some privileges to a small group of users that will
> allow them to modify files and sub-directories in a specific directory
> tree on my server, and nowhere else.
> The commands are chown and chmod.
> After reading the documentation and searching the archives I can't seem
> to find what I need.
> TIA,
> Bill

Russell M. Van Tassell
russell at loosenut.com

"When you go fishing with a driftnet, sometimes you catch a dolphin."
 - An RIAA spokesperson,  when asked about the spectacle of file-sharing
   lawsuits against innocent grandparents.

More information about the sudo-users mailing list