[TriLUG] Help with setuid C wrapper script
Jonathan Woodbury
jpwoodbu at mybox.org
Tue Oct 12 20:23:46 EDT 2010
Ron,
Based on what I can see in your first few emails on this, I believe this
will give you precisely what you asked for:
someuser ALL=(root) NOPASSWD: /usr/bin/tail -100 /var/log/messages,
/usr/bin/tail -50 /var/log/secure
This will allow someuser to execute tail with those exact arguments as root
without prompting the user for a password. Some other folks have nicely
pointed out that you could use syntax described in the Wildcards section of
the sudoers man page to loosen the restrictions on what arguments could be
passed to tail. But it didn't look like you were heading in that direction
from what I saw in your source code example. Explicit and simple has its
virtue.
I hope this helps,
Jonathan
More information about the TriLUG
mailing list