Re: Updating files in /etc Remotely (and automated)

To: debian-user@lists.debian.org
Subject: Re: Updating files in /etc Remotely (and automated)
From: Eduardo M KALINOWSKI <eduardo@kalinowski.com.br>
Date: Sun, 12 Sep 2010 20:47:07 -0300
Message-id: <[🔎] 4C8D667B.1070000@kalinowski.com.br>
In-reply-to: <[🔎] 4C8D4E6B.7010803@jretrading.com>
References: <[🔎] EF953506-5924-409C-B345-B43C694DD3B6@halblog.com> <[🔎] 20100912145107.GA29195@aurora.owens.net> <[🔎] 9229C387-BB4B-4004-834A-3BEA7FA77E0D@halblog.com> <[🔎] 20100912163733.GB29852@aurora.owens.net> <[🔎] 0EA47E68-49ED-4F32-A91B-4379E27E45DC@halblog.com> <[🔎] 20100912202459.GA32270@aurora.owens.net> <[🔎] 4C8D4E6B.7010803@jretrading.com>

 On 09/12/2010 07:04 PM, Joe wrote:

Note that sudo does not completely mimic root behaviour. Commands using
  >, and presumably other composite commands, will depend on the user's
own permissions.

In an 'all-root' directory, with no existing file2:

sudo cp file1 file2 works as expected
sudo touch file2 works as expected
sudo cat file1 works as expected
sudo cat file1>  file2 fails due to lack of write permission
su -c "cat file1>  file2", then<password>, works as expected

It isn't just cat, I first noticed this some years ago with aggregate,
which also uses>. I assume that when the shell reaches the>, which is
effectively another command, the temporary sudo one-command permission
has expired. The trick with the quotation marks doesn't work, sudo
expects the entire quoted string to be the name of an executable.

Actually, the shell (running as the normal user) sees the redirection,tries to opens the file, and then runs "sudo cat file1", redirecting theoutput to the opened file. Then sudo runs, cat'ing the file (as root) tostdout.



--
Do YOU have redeeming social value?

Eduardo M KALINOWSKI
eduardo@kalinowski.com.br

Reply to:

References:
- Updating files in /etc Remotely (and automated)
  - From: Hal Vaughan <hal@halblog.com>
- Re: Updating files in /etc Remotely (and automated)
  - From: Rob Owens <rowens@ptd.net>
- Re: Updating files in /etc Remotely (and automated)
  - From: Hal Vaughan <hal@halblog.com>
- Re: Updating files in /etc Remotely (and automated)
  - From: Rob Owens <rowens@ptd.net>
- Re: Updating files in /etc Remotely (and automated)
  - From: Hal Vaughan <hal@halblog.com>
- Re: Updating files in /etc Remotely (and automated)
  - From: Rob Owens <rowens@ptd.net>
- Re: Updating files in /etc Remotely (and automated)
  - From: Joe <joe@jretrading.com>

Prev by Date: Re: Debian on Dell Inspiron 15 or 15R laptops?
Next by Date: Re: rsync issue
Previous by thread: Re: Updating files in /etc Remotely (and automated)
Next by thread: Re: Updating files in /etc Remotely (and automated)
Index(es):
- Date
- Thread