[TriLUG] Help with setuid C wrapper script
rkelleyrtp at gmail.com
Wed Oct 13 08:31:34 EDT 2010
Thanks for the syntax Jonathan. However, this is what happens when I try to do the command:
[root at test-svr1 ~]# ssh rmaint at 18.104.22.168 "tail -100 /var/log/messages"
tail: cannot open `/var/log/messages' for reading: Permission denied
Here is what is in /etc/sudoers:
rmaint ALL=(root) NOPASSWD: /usr/bin/tail -100 /var/log/messages, /usr/bin/tail -50 /var/log/secure
Also, /var/log/messages and /var/log/secure both have permission mod of 600 (as in, rw--------).
I have tried various syntax lines in /etc/sudoers but always get permission denied. In fact, this is what I tried prior to sending the original email to the alias. Thus, I had to fall back to a suid C program. Have you tried the above statements in your sudoers file?
BTW - I have the suid C program working fine. But, as we all know, keeping a single suid utility updated and pushed out to all servers is a real PITA.
On Oct 12, 2010, at 8:23 PM, Jonathan Woodbury wrote:
> Based on what I can see in your first few emails on this, I believe this
> will give you precisely what you asked for:
> someuser ALL=(root) NOPASSWD: /usr/bin/tail -100 /var/log/messages,
> /usr/bin/tail -50 /var/log/secure
> This will allow someuser to execute tail with those exact arguments as root
> without prompting the user for a password. Some other folks have nicely
> pointed out that you could use syntax described in the Wildcards section of
> the sudoers man page to loosen the restrictions on what arguments could be
> passed to tail. But it didn't look like you were heading in that direction
> from what I saw in your source code example. Explicit and simple has its
> I hope this helps,
> This message was sent to: Ron Kelley <rkelleyrtp at gmail.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web : http://www.trilug.org/mailman/options/trilug/rkelleyrtp%40gmail.com
> TriLUG FAQ : http://www.trilug.org/wiki/Frequently_Asked_Questions
More information about the TriLUG