LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Red Hat
User Name
Password
Red Hat This forum is for the discussion of Red Hat Linux.

Notices

Reply
 
Search this Thread
Old 02-08-2011, 09:02 AM   #1
carlosinfl
Senior Member
 
Registered: May 2004
Location: Orlando, FL
Distribution: Debian
Posts: 2,896

Rep: Reputation: 73
Question Limiting Sudo Access


I have some developers who need to be granted sudo access but I want to limit the access from 'ALL' to just being able to manage items in /opt/rational/ directory but nothing above that hierarchy directory (hope that makes sense)

How would I so something like this?
 
Old 02-08-2011, 09:12 AM   #2
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 11.4
Posts: 1,319

Rep: Reputation: 252Reputation: 252Reputation: 252
sudo is about giving permissions to run certain processes as another account. You are looking for some access control for directories. Do the developers need plain root access, or would it be sufficient to limit it to certain commands which could be granted to them, or not granting root but another account?

Being root they could otherwise adjust anything to change other files as well.
 
Old 02-11-2011, 08:02 AM   #3
tarik007
LQ Newbie
 
Registered: May 2008
Location: netherlands
Distribution: redhat, fedora
Posts: 4

Rep: Reputation: 0
limiting sudo Access

You can give to your developers team a permission to run a script, command or job of root or another user such as in the following lines by editing the /etc/sudoers file:
Cmnd_Alias CMD_SUDO_Developers = /usr/bin/su - devel, /usr/bin/su - devel -c *
Cmnd_Alias CMD_SUDO_run = /root/commands/to/run
Cmnd_Alias SUDO = /usr/bin/sudo, /usr/local/bin/sudo, /bin/sudo, \
/opt/freeware/bin/sudo

# group privilege specification
%root ALL = (ALL) CMD_SUDO_ROOT
%developers ALL = (ALL) CMD_SUDO_Developers, SUDO
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
limiting samba access jkeertir Linux - Newbie 1 12-30-2009 10:54 AM
limiting sudo chud67 Linux - General 3 03-29-2006 01:08 PM
sudo: limiting activity to the localhost Cenobite Linux - Security 4 03-02-2006 11:27 AM
Limiting sudo su -? RickAOTC Linux - Newbie 2 02-01-2006 07:28 AM


All times are GMT -5. The time now is 01:36 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration