[sudo-users] Restrict commands to a specific directory tree
Russell Van Tassell
russell+sudo-users at loosenut.com
Sat Apr 18 14:23:14 EDT 2009
You'll most-likely need to script something like that, if you really
need repeated chown/chmod in a given tree... there's nothing native in
sudo to restrict a user to a directory structure. If you really want to
use sudo for it, chances are a simple script or two can provide the
functionality you need (eg. one script that auto-fixes an entire tree,
another that works under a chroot'd environment and takes arguments,
Note: generally you can get creative with un*x permissions (including
things like stick bits) to accomplish limited shared files or similar.
Most modern OSes also include things like ACLs these days, which go over
and above traditional un*x permissions.
On Sat, Apr 18, 2009 at 12:13:44PM -0400, KENNEY, William P. (Info. Tech. Services) wrote:
> I would like to give some privileges to a small group of users that will
> allow them to modify files and sub-directories in a specific directory
> tree on my server, and nowhere else.
> The commands are chown and chmod.
> After reading the documentation and searching the archives I can't seem
> to find what I need.
Russell M. Van Tassell
russell at loosenut.com
"When you go fishing with a driftnet, sometimes you catch a dolphin."
- An RIAA spokesperson, when asked about the spectacle of file-sharing
lawsuits against innocent grandparents.
More information about the sudo-users