[TriLUG] Help with setuid C wrapper script
Ron Kelley
rkelleyrtp at gmail.com
Wed Oct 13 09:25:07 EDT 2010
Thanks Kevin. This got me 99% there. After using "sudo" in the command, I got this message:
"sudo: sorry, you must have a tty to run sudo"
After a little googling, I found I needed to add an additional line to /etc/sudoers like this:
Defaults:%rmaint !requiretty
This allows the user "rmaint" to run sudo without a tty. So, the complete lines in /etc/sudoers include:
--------------------------------------------------------
Defaults:%rmaint !requiretty
rmaint ALL=(root) NOPASSWD: /usr/bin/tail -100 /var/log/messages, /usr/bin/tail -50 /var/log/secure
--------------------------------------------------------
Hope this helps someone else...
Really appreciate the help of everyone on the alias!
-Ron
On Oct 13, 2010, at 9:08 AM, Kevin Hunter wrote:
> At 8:31am -0400 Wed, 13 Oct 2010, Ron Kelley wrote:
>> Thanks for the syntax Jonathan. However, this is what happens when I
>> try to do the command:
>>
>> [root at test-svr1 ~]# ssh rmaint at 1.2.3.4 "tail -100 /var/log/messages"
>> tail: cannot open `/var/log/messages' for reading: Permission denied
>
> /etc/sudoers is read by the sudo command. Meaning that the user needs to use sudo. Try:
>
> $ ssh rmaint at 1.2.3.4 "sudo tail -100 /var/log/messages"
>
> Note also that sudo requires the command to match /exactly/. For instance if you had this in your sudoers file:
>
> rmaint ALL=(root) NOPASSWD: /bin/ls /var/spool/cron/atjobs/
>
> Then you would always need that trailing slash or will ask for a password:
>
> $ sudo ls /var/spool/cron/atjobs
> [sudo] password for rmaint:
>
> Hope this helps,
>
> Kevin
> --
> This message was sent to: Ron Kelley <rkelleyrtp at gmail.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web : http://www.trilug.org/mailman/options/trilug/rkelleyrtp%40gmail.com
> TriLUG FAQ : http://www.trilug.org/wiki/Frequently_Asked_Questions
More information about the TriLUG
mailing list