[sudo-users] /etc/sudoers: allowing a subshell command within quotes
Martin Gerdes
martingrds at googlemail.com
Mon Jul 6 06:22:28 EDT 2009
One of the examples in the sudo manpage is this one:
sudo sh -c "cd /home ; du -s * | sort -rn > USAGE"
How would I modify /etc/sudoers to allow precisely that one command?
I experimented with something simpler:
sudo sh -c ls /root
If I add a line 'admin ALL= NOPASSWD: /bin/sh -c ls /root' to /etc/sudoers,
then the above example works (for user admin).
However, I find no way to get quotes to work, i.e.
sudo sh -c "ls /root"
(which is needed for stuff like pipes, backticks and redirection)
I tried the lines 'admin ALL= NOPASSWD: /bin/sh -c "ls /root"' and
'admin ALL= NOPASSWD: /bin/sh -c \"ls /root\"', neither of which works.
So, can anyone tell me what I would have to write into /etc/sudoers to allow
running the example from the sudo manpage, only that command and no other?
More information about the sudo-users
mailing list