Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: allow user to use sudo cp on a specific directory and only a specific file
Top Forums UNIX for Advanced & Expert Users allow user to use sudo cp on a specific directory and only a specific file Post 302553933 by Peasant on Friday 9th of September 2011 08:10:04 AM
Old 09-09-2011
I would reccomend you check setuid.

You can make a shell script and a small c program to call it with root privileges.

So an example :
You make shell script with USER named test.sh which does cp file1 /etc/
Then you make a C program called execshell (or whatever) which runs that script with system call ( please find examples online for C setuid and system call )

Compile that program.

As root you make chown root:root and chmod 4755 to that C program.
User can now invoke that c program which will execute that shell script with root permisions and copy the file1 to /etc/ as root invoked by USER.

Be carefull tho, setuid needs to be handled with care.
passwd would be a lovely example of setuid in C and exceptions it uses.

Hope that helps.
Regards
Peasant.
 

10 More Discussions You Might Find Interesting

1. Solaris

give user permission on specific directory in solaris

dear all does any one give any user write permission using access control list or another way to solve this problem (1 Reply)
Discussion started by: murad.jaber
1 Replies

2. Solaris

when FTP user will go to specific directory

Hi experts, I have a user "bingo" in my sunsolaris 9. # /etc/passwd bingo:x:513:1::/export/home/bingo:/bin/bash when anyone Telnet to this user it goes to his home directory /export/home/bingo But now i want- when someone FTP to this user "bingo" it will NOT go to his home dir. Rather it... (5 Replies)
Discussion started by: thepurple
5 Replies

3. UNIX for Dummies Questions & Answers

granting permission to file/directory to a specific user

hello, I would like to grant full access to a directory which is owned by root and the web application that created it. I have though of adding the permission to the whole world, but for security reason I would like to grant it to one more user. I have tried this 'chmod -U newUser+wrx... (2 Replies)
Discussion started by: run123
2 Replies

4. Solaris

create user with RWX access to a specific directory in Solaris 10

I need to create a user account for a developer that will allow him rwx access to all resources in a directory. How can I do that? Thanks (5 Replies)
Discussion started by: gsander
5 Replies

5. Solaris

User permission to a specific directory only

is is possible to grant user access to only one subdirectory? example a. create ftp user with read/write/delete access (ftp user doesnt belong to uguys group) $ cd /etc/mydir $ls file1 file2 $ls -al -rw-rw-r-x 2 unixguy uguys 96 Dec 8 12:53 file1 -rw-rw-r-x 2 unixguy uguys 96 Dec 8... (1 Reply)
Discussion started by: lhareigh890
1 Replies

6. Solaris

How to restrict user to a specific directory in solaris 10

Hi all, I want to create a new user and grant him ONLY transfer files access to a specific directory where he can only upload and read the files. He should be restricted to this activity only. Regards (6 Replies)
Discussion started by: gilldn
6 Replies

7. Solaris

Limit FTP user's access to a specific directory

Hi, I have searched "Limit FTP user's access to a specific directory" subject for 3 days. I found proftp and vsftp but i couldn't compile and install. Is there any idea. Please suggest. (6 Replies)
Discussion started by: hamurd
6 Replies

8. Solaris

Limit bash/sh user's access to a specific directory

Hello Team, I have Solaris 10 u6 I have a user test1 using bash that belong to the group staff. I would like to restrict this user to navigate only in his home directory and his subfolders but not not move out to other directories. How can I do it ? Thanks in advance (1 Reply)
Discussion started by: csierra
1 Replies

9. UNIX for Advanced & Expert Users

Change sFTP home directory for particular user and from specific server

Hello Folks, Of course i came here for your favour :) How to set a defalult home directory for sFTP login ( at present users land in to their home directrory) when they connect from specific server. When server(A) sFTP's to Linux server(B) they land to thier home directory. I want... (5 Replies)
Discussion started by: Thala
5 Replies

10. UNIX for Beginners Questions & Answers

Is there a way to restrict a user (owner) to execute scripts from a specific directory

Hello, I have a user Bob on a RHEL 7 server1. Where his script area is "/home/Bob/scripts/" and he is the owner for this directory. On the server1, there is a NFS mount from another server2, with path as "/global/work/" and Bob is the owner for this directory too in server2. (Same UID and GID... (5 Replies)
Discussion started by: karumudi7
5 Replies

LEARN ABOUT DEBIAN

csp_helper

csp_helper(1)							  USER COMMANDS 						     csp_helper(1)

  NAME
      csp_helper - A collection of caspar helper scripts

  SYNOPSIS
      csp_install dir (directory) file (file)

      csp_mkdircp dir (directory) file (file)

      csp_scp_keep_mode h ([user@]host) dir (directory) file (file)

      csp_sucp h ([user@]host) dir (directory) file (file)

  DESCRIPTION
      The  scripts  csp_install,  csp_mkdircp,	csp_scp_keep_mode  and csp_sucp are helpers for caspar(7). These scripts typically are not invoked
      directly, but via a Makefile which uses caspar. See the notes on	csp_PUSH  in  caspar(7)  for  information  on  how  to	link  csp_install,
      csp_scp_keep_mode and csp_sucp to caspar.

  install DESCRIPTION
      csp_install creates the required directory (if needed) and installs the file, preserving timestamps. It uses install(1).

  install EXAMPLES
       csp_INSTALL_OPTIONS='--owner=www-data --group=www-data' 
	csp_INSTALL_MODE=ugo=r 
	csp_install /srv/www index.html

       csp_INSTALL_MODE=u=rwx,go= csp_install /usr/local/sbin mkpasswd

  install ENVIRONMENT
      csp_install honors csp_INSTALL_OPTIONS and csp_INSTALL_MODE (default is u=rw,go=r).

  mkdircp DESCRIPTION
      csp_mkdircp calls mkdir(1) and cp(1).

  scp_keep_mode DESCRIPTION
      csp_scp_keep_mode  uses  ssh to copy a file to a remote host, keeping its file permission mode. The trick used is a combination of mktemp(1)
      and mv(1).  Useful if you'd like to be sure a file gets installed e.g. group writable, without fiddling with permission bits on  the  remote
      host.

  scp_keep_mode EXAMPLE
	chmod g+w rc
	csp_scp_keep_mode root@gandalf /etc/uruk rc

  scp_keep_mode ENVIRONMENT
      csp_scp_keep_mode honors csp_SSH ("ssh" by default).

  sucp DESCRIPTION
      csp_sucp calls cat(1) from within sudo(1) from within ssh(1). This allows one to copy files to accounts on hosts one can only reach by call-
      ing sudo on the ssh-reachable remote host.

      Typically, one wants to install a root-owned file, but one does not want to allow access to the root-account directly  from  ssh.  Typically
      sudo is used as an extra line of defense.

  sucp EXAMPLES
      Some examples:

	csp_sucp rms@bilbo /etc fstab

	csp_sucp monty-python commit/ trailer.txt

  sucp BUGS
      If  NOPASSWD  is	not  set in the sudoers(5) file, and one's timestamp is expired, csp_sucp will forward the sudo password prompt. The given
      password will be echoed on the console!

  AUTHOR
      Joost van Baal-Ili

  SEE ALSO
      caspar(7) The caspar homepage is at http://mdcc.cx/caspar/ .

  csp_helper 20120514						      14 mai 2012						       csp_helper(1)
All times are GMT -4. The time now is 02:07 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy