LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-25-2007, 02:17 PM   #1
itnaa
Member
 
Registered: Dec 2006
Distribution: CentOS 4.4 (2.6.9-42.0.2.ELsmp)
Posts: 55

Rep: Reputation: 15
Granting limited user a specific restricted cmd privilege


Hi Folks,

Is there a way I can grant a user with limited privileges access/permission to execute a command which only the root can? For obvious reasons, I don't want to grant the limited user sweeping rights, however it needs access to certain information which can be obtained by the root only.

For example, the limited user needs to obtain the disk serial number using , for eg, % sginfo -a /dev/sda , which can't be run as a limited user. Is there a way I can grant this limited user access to run this command?

Thanks.
 
Old 08-25-2007, 03:20 PM   #2
rtspitz
Member
 
Registered: Jan 2005
Location: germany
Distribution: suse, opensuse, debian, others for testing
Posts: 307

Rep: Reputation: 33
sudo !

--> /etc/sudoers
 
Old 08-25-2007, 03:50 PM   #3
itnaa
Member
 
Registered: Dec 2006
Distribution: CentOS 4.4 (2.6.9-42.0.2.ELsmp)
Posts: 55

Original Poster
Rep: Reputation: 15
Thanks rtspitz!!
 
Old 08-26-2007, 04:00 PM   #4
itnaa
Member
 
Registered: Dec 2006
Distribution: CentOS 4.4 (2.6.9-42.0.2.ELsmp)
Posts: 55

Original Poster
Rep: Reputation: 15
Haalp!! Goin' insane...

Am using visudo to edit the /etc/sudoers file. But, keeping getting syntax error at the following line:

root ALL =(ALL) ALL

And I haven't even touched this line, an original entry, in any fashion...

Am editting sudoers via an ssh session. Could it be inserting an unpalatable character or two (ok, wild one...grasping at straws here...) ??
 
Old 08-26-2007, 04:18 PM   #5
itnaa
Member
 
Registered: Dec 2006
Distribution: CentOS 4.4 (2.6.9-42.0.2.ELsmp)
Posts: 55

Original Poster
Rep: Reputation: 15
Separately, on the subject of sudo & it's use within a script, in the following thread,

...use without a tty...

it was suggested that one needs to add in the default section,

Defaults !requiretty

As per my understanding this change would apply to all sudoers. If I wanted to restrict this to a User_Alias, is the correct directive:

Defaults:XYZ !requiretty

where XYZ is the User_Alias ??

Thanks.
 
  


Reply

Tags
sudo, sudoers, visudo


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
visudo and granting access to mount for a normal user nass Slackware 9 01-26-2007 11:25 PM
How to pass system(cmd) into a specific process? socialjazz Programming 2 10-07-2006 12:35 AM
why multicast restricted only to specific addresses? kpachopoulos General 2 07-15-2006 06:24 PM
Granting user access to devices like a jumpdrive tleadley Fedora - Installation 0 02-17-2005 08:02 PM
ipop3 only granting one user access KnightCrusader Linux - Networking 1 11-25-2003 05:26 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:36 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration