Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Deny to edit a specific file in sudoers
Top Forums UNIX for Dummies Questions & Answers Deny to edit a specific file in sudoers Post 302764013 by bakunin on Wednesday 30th of January 2013 10:15:21 PM
Old 01-30-2013
Quote:
Originally Posted by lhareigh890
thanks. however if the 'mayedit' user will execute sudo vi /file/in/question, he will be able to edit it right? the user will have like sudo access to all (ie. shutdown, cp, mv, any commands) but not to a specific files i will mention. is this possible?
Ahem,

"mayedit" is not a user, but a user group. Users are "willedit" and "willnotedit".

By giving a user the right to "sudo vi" this user will effectively be able to become root and use any command - shutdown, mv, cp and anything else included - without even having to use "sudo".

And, no, this is not possible. root may do everything and if you allow a user to become root, you have allowed him to do everything effectively. There is no restricting after you have given full rights. This is why you shouldn't use sudo for this, as explained above.

I hope this helps.

bakunin
 

10 More Discussions You Might Find Interesting

1. Linux

sudoers file

Hi, I have edited 'sudoers' file to allow 'cads' user shutdown the system without providing a password. Can someone tell me what's wrong with my file? It's not working when I 'sudo SHUTDOWN' command: sudo: SHUTDOWN: command not found Thanks a lot! # Host alias specification... (4 Replies)
Discussion started by: whatisthis
4 Replies

2. UNIX for Advanced & Expert Users

deny deletion of a file without omiting w permission

how to forbid deleting a file even though the file is owned by the user? I thought of setfacl command on solaris. Any hints please? thx (2 Replies)
Discussion started by: melanie_pfefer
2 Replies

3. UNIX for Dummies Questions & Answers

sudoers file questions

What is the difference between ALL and localhost in the bellow? # %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom # %users localhost=/sbin/shutdown -h now Thank you. (2 Replies)
Discussion started by: hemangjani
2 Replies

4. AIX

Does ACL can only grant/deny access for specific command?

Dear AIX/UNIX experts: I have a demand to restricted a file to be copy by others, but this file must can be read by others/Applications. As I tried, the chmod command cannot fulfill this requirement. But not sure if the ACL can achieve this function or not ? Could anybody give me your... (8 Replies)
Discussion started by: devyfong
8 Replies

5. UNIX for Advanced & Expert Users

sudoers file

i have defined a rule in the sudoers file so a specific user is able to run some commands as sudo with no password. my question is: is it possible to restrict a user to run commands as sudo only in a certain directory? for example: chown only the files that are located in /var/tmp. Thank you. ... (2 Replies)
Discussion started by: noam128
2 Replies

6. Shell Programming and Scripting

How to edit specific variable in file?

HI guys i have a question. Question 1: how do i modify a particular string? e.g echo "Please enter Book Title: " read a echo "Please enter Author: " read b if ] then echo " Record found!" which will then pop out a menu with the follow output 1. Update Name 2.... (1 Reply)
Discussion started by: ichar
1 Replies

7. Shell Programming and Scripting

Edit file content at the specific line.

How to edit file content at the specific line? For example at below The things to edit --> This is line 2. And it is below line 1. This is line 1. This is line 2. # i want to append some words at this row line. How? This is line 3. (8 Replies)
Discussion started by: alvin0618
8 Replies

8. HP-UX

Unable to edit the sudoers file using script

Hi All, I've made a script in order to delete the users. The script is deleting the users and removing its entry from the /etc/sudoers however it is changing the permissions of the /etc/sudoers file to the user from which it is executing the script. #!/bin/ksh #set -x print "The script... (2 Replies)
Discussion started by: Kits
2 Replies

9. UNIX for Dummies Questions & Answers

Help with Sudoers file

Hi using Solaris 10. trying to update /etc/sudoers file I need to add all the fist level operation team. This is what I have but it doesn't seem to work. Please help.Error message sudo su - >>> sudoers file: parse error, line 9 <<< >>> sudoers file: parse error, line 9 <<< ... (2 Replies)
Discussion started by: samnyc
2 Replies

10. Solaris

Sudoers file

In the sudoers file in Solaris... I am trying to limit the DEVELOPER user privileges to where those users can only use the “rm” command in certain directories. This is to prevent them from deleting directories or files and destroying a server. I want them to be able to use the "rm" command but... (1 Reply)
Discussion started by: nzonefx
1 Replies

LEARN ABOUT DEBIAN

cdbs-edit-patch

CDBS-EDIT-PATCH(1)						CDBS Documentation						CDBS-EDIT-PATCH(1)

NAME

       cdbs-edit-patch - create or edit a CDBS simple-patchsys.mk patch

SYNOPSIS

       cdbs-edit-patch patchname

DESCRIPTION

       cdbs-edit-patch	creates  or edits patches for use by the CDBS simple-patchsys.mk patch system.	For more information about CDBS please see
       the documentation under /usr/share/doc/cdbs/.

       When patchname exists, cdbs-edit-patch will set up a temporary working source tree, apply all patches up to and including patchname in lex-
       icographic  order,  and	spawn  an  interactive shell for the developer.  The developer can then edit files in this working tree.  When the
       developer is done and exits the shell, cdbs-edit-patch updates patchname to reflect the changes made.  To abort the process from the inter-
       active shell, exit with a nonzero exit value.

       When patchname does not exist, cdbs-edit-patch will assume that a new patch should be created.  As with the above scenario, cdbs-edit-patch
       will first create a temporary working source tree and apply all patches up to the new patch in lexicographic  order.   When  the  shell	is
       quit, cdbs-edit-patch will create patchname.

AUTHOR

       CDBS  was  written  by Colin Walters and others.  cdbs-edit-patch was written by Martin Pitt.  This manual page was written by Peter Eisen-
       traut based on the dpatch-edit-patch(1) manual page.

SEE ALSO

       CDBS documentation in /usr/share/doc/cdbs/, /usr/share/cdbs/1/rules/simple-patchsys.mk, dpatch-edit-patch(1), quilt(1)

Debian								    5 Feb 2006							CDBS-EDIT-PATCH(1)
All times are GMT -4. The time now is 11:19 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy