Consider this scenario, whereby sudo *cannot* seem to facilitate necessary access: # id uid=1000(mds) gid=1000(mds) groups=1000(mds),6(disk),29(audio),50(staff),1001(sambamount),1002(mysql) # ls -ld /var/log/exim/ drwxr-s--- 2 mail adm 4096 Sep 5 06:46 /var/log/exim/ # ls -al /var/log/exim/ ls: /var/log/exim/: Permission denied mds@bragi:~/dLoad # sudo ls -al /var/log/exim/ total 1584 drwxr-s--- 2 mail adm 4096 Sep 5 06:46 . drwxr-xr-x 21 root root 8192 Sep 5 06:46 .. -rw-r----- 1 mail adm 283999 Sep 5 15:46 mainlog -rw-r----- 1 mail adm 587225 Sep 5 06:45 mainlog.0 -rw-r----- 1 mail adm 91516 Sep 4 06:45 mainlog.1.gz -rw-r----- 1 mail mail 0 Jul 7 06:27 paniclog -rw-r----- 1 mail mail 695 Jul 5 22:26 paniclog.0 -rw-r----- 1 mail mail 130 Feb 15 2003 paniclog.1.gz -rw-r----- 1 mail adm 2232 Sep 5 08:27 rejectlog -rw-r----- 1 mail adm 3147 Sep 5 00:54 rejectlog.0 -rw-r----- 1 mail adm 1303 Sep 3 15:16 rejectlog.1.gz # ls -al /var/log/exim/rejectlog* ls: /var/log/exim/rejectlog*: Permission denied # sudo ls -al /var/log/exim/rejectlog* ls: /var/log/exim/rejectlog*: No such file or directory # sudo -u mail ls -al /var/log/exim/rejectlog* ls: /var/log/exim/rejectlog*: No such file or directory Occasionally, I run into similar glitches using sudo. I want to better define, in my own head, what can and cannot be done under sudo; and, how best to _always_ avoid su to root. What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . --
Attachment:
pgpEdyGEuQA2O.pgp
Description: PGP signature