01-30-2013
Quote:
Originally Posted by
lhareigh890
thanks. however if the 'mayedit' user will execute sudo vi /file/in/question, he will be able to edit it right? the user will have like sudo access to all (ie. shutdown, cp, mv, any commands) but not to a specific files i will mention. is this possible?
Ahem,
"mayedit" is not a user, but a
user group. Users are "willedit" and "willnotedit".
By giving a user the right to "sudo vi" this user will effectively be able to
become root and use any command - shutdown, mv, cp and anything else included - without even having to use "sudo".
And, no, this is not possible. root may do everything and if you allow a user to become root, you have allowed him to do everything effectively. There is no restricting after you have given full rights. This is why you shouldn't use sudo for this, as explained above.
I hope this helps.
bakunin
10 More Discussions You Might Find Interesting
1. Linux
Hi,
I have edited 'sudoers' file to allow 'cads' user shutdown the system without providing a password.
Can someone tell me what's wrong with my file?
It's not working when I 'sudo SHUTDOWN' command:
sudo: SHUTDOWN: command not found
Thanks a lot!
# Host alias specification... (4 Replies)
Discussion started by: whatisthis
4 Replies
2. UNIX for Advanced & Expert Users
how to forbid deleting a file even though the file is owned by the user?
I thought of setfacl command on solaris. Any hints please?
thx (2 Replies)
Discussion started by: melanie_pfefer
2 Replies
3. UNIX for Dummies Questions & Answers
What is the difference between ALL and localhost in the bellow?
# %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users localhost=/sbin/shutdown -h now
Thank you. (2 Replies)
Discussion started by: hemangjani
2 Replies
4. AIX
Dear AIX/UNIX experts:
I have a demand to restricted a file to be copy by others, but this file must can be read by others/Applications.
As I tried, the chmod command cannot fulfill this requirement. But not sure if the ACL can achieve this function or not ?
Could anybody give me your... (8 Replies)
Discussion started by: devyfong
8 Replies
5. UNIX for Advanced & Expert Users
i have defined a rule in the sudoers file so a specific user is able to run some commands as sudo with no password.
my question is: is it possible to restrict a user to run commands as sudo only in a certain directory? for example: chown only the files that are located in /var/tmp.
Thank you.
... (2 Replies)
Discussion started by: noam128
2 Replies
6. Shell Programming and Scripting
HI guys i have a question.
Question 1: how do i modify a particular string?
e.g
echo "Please enter Book Title: "
read a
echo "Please enter Author: "
read b
if ]
then echo " Record found!"
which will then pop out a menu with the follow output
1. Update Name
2.... (1 Reply)
Discussion started by: ichar
1 Replies
7. Shell Programming and Scripting
How to edit file content at the specific line? For example at below
The things to edit --> This is line 2. And it is below line 1.
This is line 1.
This is line 2. # i want to append some words at this row line. How?
This is line 3. (8 Replies)
Discussion started by: alvin0618
8 Replies
8. HP-UX
Hi All,
I've made a script in order to delete the users. The script is deleting the users and removing its entry from the /etc/sudoers however it is changing the permissions of the /etc/sudoers file to the user from which it is executing the script.
#!/bin/ksh
#set -x
print "The script... (2 Replies)
Discussion started by: Kits
2 Replies
9. UNIX for Dummies Questions & Answers
Hi
using Solaris 10. trying to update /etc/sudoers file
I need to add all the fist level operation team. This is what I have but it doesn't seem to work. Please help.Error message
sudo su -
>>> sudoers file: parse error, line 9 <<<
>>> sudoers file: parse error, line 9 <<<
... (2 Replies)
Discussion started by: samnyc
2 Replies
10. Solaris
In the sudoers file in Solaris...
I am trying to limit the DEVELOPER user privileges to where those users can only use the “rm” command in certain directories. This is to prevent them from deleting directories or files and destroying a server. I want them to be able to use the "rm" command but... (1 Reply)
Discussion started by: nzonefx
1 Replies
LEARN ABOUT DEBIAN
cdbs-edit-patch
CDBS-EDIT-PATCH(1) CDBS Documentation CDBS-EDIT-PATCH(1)
NAME
cdbs-edit-patch - create or edit a CDBS simple-patchsys.mk patch
SYNOPSIS
cdbs-edit-patch patchname
DESCRIPTION
cdbs-edit-patch creates or edits patches for use by the CDBS simple-patchsys.mk patch system. For more information about CDBS please see
the documentation under /usr/share/doc/cdbs/.
When patchname exists, cdbs-edit-patch will set up a temporary working source tree, apply all patches up to and including patchname in lex-
icographic order, and spawn an interactive shell for the developer. The developer can then edit files in this working tree. When the
developer is done and exits the shell, cdbs-edit-patch updates patchname to reflect the changes made. To abort the process from the inter-
active shell, exit with a nonzero exit value.
When patchname does not exist, cdbs-edit-patch will assume that a new patch should be created. As with the above scenario, cdbs-edit-patch
will first create a temporary working source tree and apply all patches up to the new patch in lexicographic order. When the shell is
quit, cdbs-edit-patch will create patchname.
AUTHOR
CDBS was written by Colin Walters and others. cdbs-edit-patch was written by Martin Pitt. This manual page was written by Peter Eisen-
traut based on the dpatch-edit-patch(1) manual page.
SEE ALSO
CDBS documentation in /usr/share/doc/cdbs/, /usr/share/cdbs/1/rules/simple-patchsys.mk, dpatch-edit-patch(1), quilt(1)
Debian 5 Feb 2006 CDBS-EDIT-PATCH(1)