Sudo help on Solaris 8
Hi all,
I have a SPARC server with solaris 8 installed on it recently i installed Sudo package for it and configured it so that it will limits users to what they can do below is the config for sudoers file # sudoers file. # # This file MUST be edited with the 'visudo' command as root. # # See the man page for details on how to write a sudoers file. # # Host alias specification # User alias specification User_Alias MAINTAINERS = chris # Cmnd alias specification Cmnd_Alias DEB = /usr/sbin/passwd, /usr/bin/useradd, /usr/local/MAINT/test.ksh # # User privilege specification root ALL=(ALL) ALL MAINTAINERS ALL = DEB I was wonder there's a file that i need to edit by using 'vi' but as a normal user i only have read access to it where and what do i need to add in the 'sudoers' file in order to edit that file for e.g that file is located in '/etc/users' cheers Huy |
Hi,
I don't believe this is really possible with sudo. Sudo will give you the ability to run commands, but as far as I know, you can't be that restrictive about what those commands can be used to do. e.g. you could give the user the ability to run vi as root, but then they can edit any file as root, spawn a shell as root etc. I'm guessing you've already worked that out too. Personally if there's just one file and I need some specific users to have permission to edit it, then I would just use standard UNIX filesystem permissions and groups to do that. e.g. create a group called 'maint', make the file readable and writeable by that group and then add the users I wanted to be able to edit the file to the group. Cheers, Steve |
You can use UFS ACLs to grant that particular user write access to this file.
eg: Code:
setfacl -m user:nuganen:rw- /etc/users/somefile |
All times are GMT -5. The time now is 01:11 AM. |