LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-02-2009, 02:03 AM   #1
sgm277
LQ Newbie
 
Registered: Apr 2008
Posts: 13

Rep: Reputation: 0
Using sudo to restrict user to locate fixed directory


Hi folks,
I want to let a user (test)only login to special directory such as /var/www and have full control . And the user can only run "mysql" command .
Is it possible using sudo to accomplish it ?

Thanks .
 
Old 01-02-2009, 04:47 AM   #2
Tuttle
Senior Member
 
Registered: Jul 2003
Location: Wellington, NZ
Distribution: mainly slackware
Posts: 1,289

Rep: Reputation: 52
maybe using chroot is appropriate here?
 
Old 01-02-2009, 06:22 AM   #3
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: SlackwareŽ
Posts: 12,766
Blog Entries: 27

Rep: Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081
Hi,

You should look at 'sudo';

Code:
excerpt from 'man sudo';
NAME
       sudo, sudoedit - execute a command as another user

SYNOPSIS
       sudo -K | -L | -V | -h | -k | -l | -v

       sudo [-HPSb] [-a auth_type] [-c class|-] [-p prompt] [-u username|#uid]
       {-e file [...] | -i | -s | command}

       sudoedit [-S] [-a auth_type] [-p prompt] [-u username|#uid] file [...]

DESCRIPTION
       sudo allows a permitted user to execute a command as the superuser or
       another user, as specified in the sudoers file.  The real and effective
       uid and gid are set to match those of the target user as specified in
       the passwd file and the group vector is initialized based on the group
       file (unless the -P option was specified).  If the invoking user is
       root or if the target user is the same as the invoking user, no pass-
       word is required.  Otherwise, sudo requires that users authenticate
       themselves with a password by default (NOTE: in the default configura-
       tion this is the user's password, not the root password).  Once a user
       has been authenticated, a timestamp is updated and the user may then
       use sudo without a password for a short period of time (5 minutes
       unless overridden in sudoers).

       When invoked as sudoedit, the -e option (described below), is implied.

       sudo determines who is an authorized user by consulting the file
       /etc/sudoers.  By giving sudo the -v flag a user can update the time
       stamp without running a command. The password prompt itself will also
       time out if the user's password is not entered within 5 minutes (unless
       overridden via sudoers).

       If a user who is not listed in the sudoers file tries to run a command
       via sudo, mail is sent to the proper authorities, as defined at config-
       ure time or in the sudoers file (defaults to root).  Note that the mail
       will not be sent if an unauthorized user tries to run sudo with the -l
       or -v flags.  This allows users to determine for themselves whether or
       not they are allowed to use sudo.
...
You should read the rest of the 'man sudo'.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how to restrict user for just one directory? J0sep Linux - Security 5 12-02-2008 04:49 PM
How to restrict a user not to create regular files in a directory gjagadish Programming 7 11-05-2008 05:15 AM
Restrict the user working directory ust Linux - Newbie 3 10-30-2008 11:42 PM
vsftpd: restrict ftp user to designated directory Niceman2005 Linux - Software 3 06-19-2008 01:58 AM
restrict user to home directory at logon pragti Linux - Security 6 02-27-2004 08:00 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:51 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration