LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Sudo question specific commands on specific directories (https://www.linuxquestions.org/questions/linux-security-4/sudo-question-specific-commands-on-specific-directories-4175529280/)

slufoot80 12-26-2014 11:06 AM

Sudo question specific commands on specific directories
 
Ok what I want to do is allow a user to run the following commands on specific directories but these are root commands

Code:

unlink /source/directory
Code:

ln -s /source/directory /destination/directory
Code:

mv /source/directory to /destination/directory.old

veerain 12-26-2014 12:42 PM

Make the user owner of parent directory.

rknichols 12-26-2014 02:19 PM

You can set up sudoers so that the user is allowed to run those commands with exactly those arguments.

slufoot80 12-29-2014 08:40 AM

sudo permissions for specific commands
 
Ok what I want to do is give a user permissions or the ability to run the command below for only the specific command and location nothing else on a case by case bases, i.e..

Code:

unlink /forms/directory
Then
Code:

ln -s /new/location/ to /forms/directory
Then
Code:

mv /old/location to /old/location.old
and only for the above locations and nothing more these locations are owned by other users and the /old/ directory is owned by root, but /old/"location" is owned by the owner. but the links are owned by root

unSpawn 12-29-2014 08:57 AM

Note 'unlink' doesn't automagically mean being able to delete directories. Also note this seems to be a continuation of https://www.linuxquestions.org/quest...es-4175529280/ so I'll be merging threads.

As for your question: first create a shell script containing the above commands, then make it executable (0755) and place it in say /usr/local/sbin/, then edit (visudo) /etc/sudoers to allow that user to execute the script as root user. See 'man sudoers' for examples. If unsure post your script plus your modified /etc/sudoers.

slufoot80 12-30-2014 08:53 AM

replay
 
Quote:

Originally Posted by unSpawn (Post 5291962)
Note 'unlink' doesn't automagically mean being able to delete directories. Also note this seems to be a continuation of https://www.linuxquestions.org/quest...es-4175529280/ so I'll be merging threads.

As for your question: first create a shell script containing the above commands, then make it executable (0755) and place it in say /usr/local/sbin/, then edit (visudo) /etc/sudoers to allow that user to execute the script as root user. See 'man sudoers' for examples. If unsure post your script plus your modified /etc/sudoers.

even if I put it in a script they still doesn't mean they have permissions

unSpawn 12-30-2014 08:57 AM

Quote:

Originally Posted by slufoot80 (Post 5292618)
even if I put it in a script they still doesn't mean they have permissions

If this is a statement then I wonder who it is aimed at?
Elif this is a question then I do not comprehend it.


All times are GMT -5. The time now is 10:07 PM.