02-05-2012
restrict sudo and chown in specified directory
Hi Dears,
I have one requirement like this:
- general user A can execute command C with root privilege by sudo configuration
- some folders and files are created during the command C execution
- user A cannot access those folders and files because the owner is root user, so I want the user A can execute chown command but restrict the scope as the parent directory created by the command C.
How to make the bold statement the truth?
Thanks!
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi every1,
There is a folder with .lst files which has email id's of our project group.
I want to find files which has my email id starting with sachin but i dont want find command to search subdirectories. I have read about prune but i didnt understand that. I am pretty new in this field.... (7 Replies)
Discussion started by: sachin.gangadha
7 Replies
2. UNIX for Dummies Questions & Answers
Hi
I executed command "chown -R xxx:xxx /" with user root... and it was too late when I found the mistake. Ownership of some files under the root directory had already become xxx:xxx. Is there a way that can recovery the ownership of all my files back to the point where they were? I really thanks. (2 Replies)
Discussion started by: password636
2 Replies
3. Red Hat
Hi
I have a Fedora10 server and i need a particular user to view files only in a particular folder.
All other files in other folders having "read" permission for all shouldn't be accessible to this user.
Please let me know if ther's a way.
Thanks,
HG (5 Replies)
Discussion started by: Hari_Ganesh
5 Replies
4. Shell Programming and Scripting
Hi All,
I need your help in changing the owner of a directory.
I have a created a direcotry TEST with user "abc"....for the group "ftp".
Now i wnated to change the owner of the directory TEST.
i used the below command to do so:
chown abc:sftp TEST
This is giving me an error... (5 Replies)
Discussion started by: ch33ry
5 Replies
5. OS X (Apple)
I was following a tutorial on installing Homebrew and I changed the ownership of /usr/local/ to me. Now McAfee Security won't start This is the exact line I typed:
sudo chown -R `whoami` /usr/local
Then I tried to fix it with:
sudo chown -R root /usr/local
I still can't start mcafee. It say... (7 Replies)
Discussion started by: chancho
7 Replies
6. Ubuntu
Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
Hi Folks,
Please help me. I am bit struck here.
Here is the OS info.
Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
I have a... (17 Replies)
Discussion started by: explorer007
17 Replies
7. Shell Programming and Scripting
does anyone know how to exclude a directory with chown or chmod?
im trying to do something like this
chown $username:$username $directory/*
chown $username:$username $directory/.*
chown $username:$username $directory
and
find $directory/* -type f -exec... (1 Reply)
Discussion started by: vanessafan99
1 Replies
8. Shell Programming and Scripting
My git user has permission in sudoers to run a wrapper script to move files into my webroot.
Everything is working fine except for the chown line. After the script has run, the files ar still root:root instead of apache:apache.
Scratching my head...:confused:
#!/bin/sh
echo
echo "****... (4 Replies)
Discussion started by: dheian
4 Replies
9. AIX
hi,
I want to restrict some user access to only 1 directory (including all sub-directories/files in it).
can you please explain me, how can we do this?
example;
Filesystem GB blocks Used Free %Used Mounted on
/dev/hd4 2.61 1.02 1.59 40% /
/dev/hd2 ... (7 Replies)
Discussion started by: aaron8667
7 Replies
10. Red Hat
Hi,
I wanted add a group to the sudoers file so they can run sudo commands and blocked su command but it seems they can just run sudo -i to switch to root which defeats my purpose.
Is it possible to block sudo -i with the help of sudoers file or any other way.
Please advise.
The below... (1 Reply)
Discussion started by: Jartan
1 Replies
LEARN ABOUT MOJAVE
heimdal_debug
heimdal_debug(5) BSD File Formats Manual heimdal_debug(5)
NAME
heimdal_debug -- how to turn on/off debugging for Kerberos tools
DESCRIPTION
The heimdal_debug kerberos frameworks have several knobs for controlling logging. The different framework knobs are:
libkrb
The Kerberos library, some gss-api Kerberos output ends up here too
kcm the kcm library (credentials cache, ntlm client)
kdc the kerberos KDC output
digest-service
the digest service (ntlm server)
CONFIGURATION FILE
[logging]
<subsystem> = 0-/SYSLOG:
and watch syslog for logging information.
APPLE MAC OS X
First turn up syslog debugging
sudo syslog -c 0 -d
then you can see the syslog output in Console.app or by running
syslog -w -k org.h5l.asl
To enable more extensive debugging logging for each subsystem, use the following commands:
Kerberos Library
sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add krb5 '0-/OSLOG:normal:'
digest-server
sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add digest-service '0-/OSLOG:normal:'
kcm sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add kcm '0-/OSLOG:normal:'
kdc sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add kdc '0-/OSLOG:normal:'
MIT Kerberos Shim
defaults write com.apple.MITKerberosShim EnableDebugging -bool true
GSS-API framework logging
sudo defaults write /Library/Preferences/com.apple.GSS DebugLevel -int 10
Other options on Mac OS X
Make the admin API pretend to the server even on client
sudo defaults write /Library/Preferences/com.apple.Kerberos ForceHeimODServerMode -bool true
SEE ALSO
gss(5), kerberos(8)
HEIMDAL
Sep 30, 2011 HEIMDAL