Re: scripting inherited commands user rights
On 02/07/2013 03:54 PM, Muhammad Yousuf Khan wrote:
> Thanks for the hint i have been going through couple of howtos but it
> is still not working same error i put this line at the bottom of the
> VISUDO still no luck
>
> %ykhan ALL = NOPASSWD: /usr/bin/myscript
>
> when i run the script with user ykhan still give me the same error.
>
> would you please be kind enough and share a good howto or guide by
> example. that would be very helpful.
>
> Thanks
>
> On Thu, Feb 7, 2013 at 6:54 PM, Alex Mestiashvili
> <alex@biotec.tu-dresden.de> wrote:
>
>> On 02/07/2013 02:10 PM, Muhammad Yousuf Khan wrote:
>>
>>> i have got a /data folder where no one has rights accept user "root".
>>> and for some reasons or reducing my dependency i have created a script
>>> which include
>>> "mkdir" command
>>>
>>> like this
>>>
>>> mkdir /data/example
>>>
>>> the script own by the user and have got rights 700 on the script file
>>> so that only that specific user can run the script however when the
>>> script ran it gives us this error
>>> "mkdir: cannot create directory `/data/example ': Permission denied"
>>>
>>> i dont want to give any user -w , -r and -x rights on the folder but
>>> what i want is that he can only create directory via that script only.
>>>
>>>
>>> Thanks,
>>>
>>>
>>>
>> you can use sudo to run a command with elevated rights.
>>
>> Regards,
>> Alex
>>
>>
>> --
>> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
>> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>> Archive: [🔎] 5113B21F.2070601@biotec.tu-dresden.de">http://lists.debian.org/[🔎] 5113B21F.2070601@biotec.tu-dresden.de
>>
>>
>
>
Please do not top-post [0]
the example you gave me looks correct, nevertheless :
cat /home/admin/myscript.sh
#!/bin/bash
mkdir /root/test
chmod 755 /home/admin/myscript.sh
just to be sure:
chmod 700 /root
chown root /root
cat /etc/sudoers | grep admin
admin ALL = NOPASSWD: /home/admin/myscript.sh
as user admin
ls -l /root
ls: cannot open directory /root: Permission denied
sudo ./myscript.sh && echo $?
0
one more time :
sudo ./myscript.sh
mkdir: cannot create directory `/root/test': File exists
as root,
ls -l /root | grep test
drwxr-xr-x 2 root root 4096 Feb 7 16:07 test
[0]
http://wiki.debian.org/FAQsFromDebianUser#What_is_top-posting_.28and_why_shouldn.27t_I_do_it.29.3F
Regards,
Alex
Reply to: