[sudo-users] How to preserve functions in scripts for calling by sudo?

L. A. Walsh sudo at tlinx.org
Sat Jun 3 09:07:47 MDT 2017

terry at remote-shell.org wrote:
> As an another oven overlooked option,  perhaps configure  file system 
> permissions is a way that allows you code to run without the need to 
> use sudo at all (e.g., dont use explosives to kill that fly.)
> Linux ACLs will likely be your tool of choice here.
    Oh yeah!  Since I been using xfs since before it was standard
in the kernel, I'm very familiar with such. 

    But in my use case, ACL's would permit me to accidently
overwrite things I don't want to overwrite.  I.e. I use their
normal "read-only" status as a means to require some 'thinking'
before overwriting something. 

    That's why its been important to get scripts working
correctly again (to allow minimizing the # lines run as root)
while still keeping checks to prevent unforeseen problems as
root from escalating into commands doing bad things.

    Thanks for the tip!

More information about the sudo-users mailing list