Grant normal user to run certain script with root access
Hi,
Recently i have complain from user that the vnc session failed to create as the lock in /tmp/. The lock created eg: .X0-lock , .X1-lock . Only root can remove the lock. So i have written a simple script for the user to trigger and remove the lock files. Code:
#!/bin/sh So i visudo and add in the row Code:
john ALL=NOPASSWD: /usr2/flush.sh rm: cannot remove `.X0-lock': Operation not permitted rm: cannot remove `.X1-lock': Operation not permitted Please advice and let me know if i did something wrong. Thanks in advance. |
Your script is dangerous, and will happily remove any files containing the letters "lock", such as "block", "clock", "someother.lock", and even ".X0-lock" as you've discovered. If you want to remove files named .lock*, simplify your entire script to the single command:
rm -f /tmp/.lock* |
Quote:
I have edited my script on above. The lock generated is usually X1-lock , not a .lock. |
I see. Your first post indicated "/tmp/.lock", so there's the disconnect.
Everything OK now? |
Quote:
It is now working. Thanks for your help. |
All times are GMT -5. The time now is 09:30 AM. |