[TriLUG] Help with setuid C wrapper script

Cristóbal Palmer cmp at cmpalmer.org
Sun Oct 10 23:21:24 EDT 2010


On Sun, Oct 10, 2010 at 9:52 AM, Ron Kelley <rkelleyrtp at gmail.com> wrote:
> In this specific case, I need a specific (non-root) user to run the commands "tail -100 /var/log/messages" and "tail -50 /var/log/secure" without requiring a password prompt.

I have a similar need in that I have people who should not have full
root, but should be able to restart apache and do some config
checking. I have the following in my sudoers file:

%restarter ALL=/etc/init.d/apache2 reload, /etc/init.d/apache2
restart, /usr/sbin/httpd -S, /usr/sbin/httpd -t

I then add these people to the 'restarter' group.

Your sudoers file that shipped with your OS should have some commented
examples, and my OS (Ubuntu) has the sudoers(5) manpage that is pretty
good. Like Clay, I'm positive that what you really want is an
appropriate sudoers line.

Cheers,
-- 
Cristóbal M. Palmer
ibiblio.org systems
UNC Chapel Hill



More information about the TriLUG mailing list