LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Red Hat
User Name
Password
Red Hat This forum is for the discussion of Red Hat Linux.

Notices

Reply
 
Search this Thread
Old 02-09-2013, 03:25 PM   #16
Curiosity42
LQ Newbie
 
Registered: Jan 2013
Location: Earth
Posts: 20

Original Poster
Rep: Reputation: 0

Here is the information:
Code:
[securityoperator1@LME ~]$ getfacl --all-effective /etc/modprobe.d/dist.conf
getfacl: Removing leading '/' from absolute path names
# file: etc/modprobe.d/dist.conf
# owner: root
# group: root
user::rw-
user:securityoperator1:rw-      #effective:rw-
group::r--                      #effective:r--
group:securityoperator:rw-      #effective:rw-
mask::rw-
other::r--

[securityoperator1@LME ~]$
 
Old 02-09-2013, 03:55 PM   #17
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,987
Blog Entries: 54

Rep: Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742
ACL for the file itself can't be the problem here. Looks good. If the /etc/modprobe.d directory has octal 0750 like you would expect and securityoperator1 has "rwx" for directory /etc/modprobe.d then I don't know.
 
Old 02-10-2013, 01:29 AM   #18
Curiosity42
LQ Newbie
 
Registered: Jan 2013
Location: Earth
Posts: 20

Original Poster
Rep: Reputation: 0
Thanks a lot of your help unSpawn. I do not know what is wrong either, I have to try to get it working with sudo. I would have preferred to do it with setfacl, but bad luck. I hope I will not have similar problems with sudo.
 
Old 02-10-2013, 07:40 PM   #19
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,987
Blog Entries: 54

Rep: Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742
Quote:
Originally Posted by Curiosity42 View Post
I do not know what is wrong either, I have to try to get it working with sudo. I would have preferred to do it with setfacl, but bad luck. I hope I will not have similar problems with sudo.
You haven't exactly answered my question but OK, you have to force a decision I guess. Wrt Sudo be aware you have to be precise. 'man sudoers' explains the difference between
Code:
securityoperator1 hostname = vi /etc/*
and
Code:
%securityoperator hostname = NOEXEC: /usr/bin/vi /etc/modprobe.d/dist.conf
*BTW do make a backup beforehand and if this is not some one-off maybe ponder usage of config management (like Puppet?) or at least versioning (centrally). HTH and G/L.
 
Old 02-16-2013, 05:53 AM   #20
Curiosity42
LQ Newbie
 
Registered: Jan 2013
Location: Earth
Posts: 20

Original Poster
Rep: Reputation: 0
Yes, I had to force a decision, because I had no longer time for investigation.
I am still interested in a setfacl solution, because I am not happy with the sudo result.
In a few weeks I will have another go on it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
convert LAN IP address to Host Name when I give cmd tail -f /var/log/squid/access.log rs15 Linux - Networking 6 01-22-2012 01:45 AM
visudo? I need to provide sudo access to Oracle User rohit724 Linux - Newbie 2 12-09-2010 10:25 AM
Provide only ssh access to a guest user lothario Linux - Newbie 5 08-02-2009 04:38 PM
Can Samhain log my entries in /var/log/secure and /var/log/mesage to a central server abefroman Linux - Software 2 04-13-2008 04:13 PM
Strange results in /var/log/apache/access.log subt13 Linux - Security 2 08-03-2004 01:21 PM


All times are GMT -5. The time now is 12:58 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration