LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Granting limited user a specific restricted cmd privilege
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 08-25-2007, 01:17 PM   #1
itnaa
Member
 
Registered: Dec 2006
Distribution: CentOS 4.4 (2.6.9-42.0.2.ELsmp)
Posts: 55

Rep: Reputation: 15
Granting limited user a specific restricted cmd privilege

Hi Folks,

Is there a way I can grant a user with limited privileges access/permission to execute a command which only the root can? For obvious reasons, I don't want to grant the limited user sweeping rights, however it needs access to certain information which can be obtained by the root only.

For example, the limited user needs to obtain the disk serial number using , for eg, % sginfo -a /dev/sda , which can't be run as a limited user. Is there a way I can grant this limited user access to run this command?

Thanks.
 
Old 08-25-2007, 02:20 PM   #2
rtspitz
Member
 
Registered: Jan 2005
Location: germany
Distribution: suse, opensuse, debian, others for testing
Posts: 306

Rep: Reputation: 32
sudo !

--> /etc/sudoers
 
Old 08-25-2007, 02:50 PM   #3
itnaa
Member
 
Registered: Dec 2006
Distribution: CentOS 4.4 (2.6.9-42.0.2.ELsmp)
Posts: 55

Original Poster
Rep: Reputation: 15
Thanks rtspitz!!
 
Old 08-26-2007, 03:00 PM   #4
itnaa
Member
 
Registered: Dec 2006
Distribution: CentOS 4.4 (2.6.9-42.0.2.ELsmp)
Posts: 55

Original Poster
Rep: Reputation: 15
Haalp!! Goin' insane...

Am using visudo to edit the /etc/sudoers file. But, keeping getting syntax error at the following line:

root ALL =(ALL) ALL

And I haven't even touched this line, an original entry, in any fashion...

Am editting sudoers via an ssh session. Could it be inserting an unpalatable character or two (ok, wild one...grasping at straws here...) ??
 
Old 08-26-2007, 03:18 PM   #5
itnaa
Member
 
Registered: Dec 2006
Distribution: CentOS 4.4 (2.6.9-42.0.2.ELsmp)
Posts: 55

Original Poster
Rep: Reputation: 15
Separately, on the subject of sudo & it's use within a script, in the following thread,

...use without a tty...

it was suggested that one needs to add in the default section,

Defaults !requiretty

As per my understanding this change would apply to all sudoers. If I wanted to restrict this to a User_Alias, is the correct directive:

Defaults:XYZ !requiretty

where XYZ is the User_Alias ??

Thanks.
 
  


Reply

Tags
sudo, sudoers, visudo


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
visudo and granting access to mount for a normal user nass Slackware 9 01-26-2007 10:25 PM
How to pass system(cmd) into a specific process? socialjazz Programming 2 10-06-2006 11:35 PM
why multicast restricted only to specific addresses? nocturna_gr General 2 07-15-2006 05:24 PM
Granting user access to devices like a jumpdrive tleadley Fedora - Installation 0 02-17-2005 07:02 PM
ipop3 only granting one user access KnightCrusader Linux - Networking 1 11-25-2003 04:26 AM


All times are GMT -5. The time now is 09:41 AM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration