[sudo-users] Allow the dir creation to one level only
Moisés Barba Pérez
mbarperoi at gmail.com
Wed Apr 13 08:35:50 EDT 2011
That would be a very good solution if the server was only for me. This
server is integrated with LDAP and I can't inform all users about a script
to exec a specific command.
Somebody has any idea about how to workaround this problem????
2011/4/13 Jon Seymour <jon.seymour at gmail.com>
> On Wed, Apr 13, 2011 at 5:27 PM, Moisés Barba Pérez <mbarperoi at gmail.com>
> > Hi:
> > I would like to create a rule in sudoers file to allow an user the
> > comand. I'm looking for the way to limit the dir creation to one level,
> > example:
> > 1. The user can create a dir in /data: sudo mkdir /data/user
> > 2. The user *can't* create a subdir un /data: sudo mkdir /data/user/mydir
> > want to avoid this)
> I think a better way to approach this problem is to define a script
> that implements your policy and then use sudo to provide access to
> this script. You should be free to implement what ever policy you want
> in the script without be constrained by the capabilities or otherwise
> of the sudo rules language.
More information about the sudo-users