LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   My user needs full access without sudo (https://www.linuxquestions.org/questions/linux-security-4/my-user-needs-full-access-without-sudo-4175573577/)

xmrkite 02-29-2016 01:33 PM
My user needs full access without sudo
 
Ok, so I need to have full access to view folders on my server without using sudo.

The backintime program that runs my backup to my backup server does not work for me when I run it as root. It just won't connect to the backup server. So, I decided to just run the backintime backup with my regular user.

Problem is that some folders are set to 700 (owner only) and I can't get in without sudo. So those folders don't get backed up.

I made my user a member of all the groups on the server but that does nothing for me.

How do I get my user to have full read access to all folders on the server without sudo

I'm running lubuntu 14.04 on the server.

JJJCR 03-01-2016 01:39 AM
have you tried setfacl:


setfacl -m u:captJ:r /path/to/journey

pan64 03-01-2016 01:51 AM
why without sudo?

ilesterg 03-01-2016 04:45 AM
Quote:
Originally Posted by xmrkite (Post 5508077)
Problem is that some folders are set to 700 (owner only) and I can't get in without sudo. So those folders don't get backed up.

I made my user a member of all the groups on the server but that does nothing for me.
Then what happened to the group security of the folders? If it remains at 0, then you can't really expect having read access to folders owned by other members of your group.

Cheers.

xmrkite 03-01-2016 12:06 PM
When backintime runs as root (sudo), it won't connect to my backintime server at all. When I run it as my user it connects, but I don't have full access to all folders and files on my own server...just read access is all I need.

xmrkite 03-01-2016 12:06 PM
Quote:
Originally Posted by JJJCR (Post 5508317)
have you tried setfacl:


setfacl -m u:captJ:r /path/to/journey

Won't that be undone though as they upload new files and folders? Won't the next rsync see the change and reupload the files?

JJJCR 03-01-2016 08:32 PM
Quote:
Originally Posted by xmrkite (Post 5508538)
Won't that be undone though as they upload new files and folders? Won't the next rsync see the change and reupload the files?
you can do a simple test and check the result.

pan64 03-02-2016 12:47 AM
see man page of sudo:
Code:
-u user, --user=user
                Run the command as a user other than the default target user (usually root ). The user may be either a user name or a numeric
                user ID (UID) prefixed with the ‘#’ character (e.g.  #0 for UID 0).  When running commands as a UID, many shells require that
                the ‘#’ be escaped with a backslash (‘\’).  Some security policies may restrict UIDs to those listed in the password data‐
                base.  The sudoers policy allows UIDs that are not in the password database as long as the targetpw option is not set.  Other
                security policies may not support this.
What is the problem with sudo?

John VV 03-02-2016 01:13 AM
then use "su - " and the root password

Code:
su -
--- your root pass when asked --
gedit


All times are GMT -5. The time now is 02:07 AM.