Sudo and limited rights
Patrick Boutilier
boutilpj at ednet.ns.ca
Mon Oct 31 12:37:52 UTC 2011
On 10/31/2011 09:28 AM, Anne Wilson wrote:
> On Monday 31 Oct 2011 12:21:10 Patrick Boutilier wrote:
>> On 10/31/2011 09:16 AM, Anne Wilson wrote:
>>> On Monday 31 Oct 2011 10:40:12 Patrick Boutilier wrote:
>>>> On 10/31/2011 07:33 AM, Anne Wilson wrote:
>>>>> I'm fed up of having to be root to read log files when troubleshooting.
>>>>> I'd like to add a sudo line that gives me read-only rights to /var/log/
>>>>> - is this possible? I've not found any example of limted rights like
>>>>> that - and I don't want to allow write access to anyone other than
>>>>> root.
>>>>>
>>>>> Anne
>>>>
>>>> Not really a KDE issue, but facl should work. $user will be your userid.
>>>>
>>>> setfacl -R -m u:$user:r /var/log/
>>>>
>>>>
>>>>
>>>>
>>>> This one will give you access to newly created logs files without having
>>>> to run the above again.
>>>>
>>>>
>>>> setfacl -d -R -m u:$user:r /var/log/
>>>
>>> Thanks. Unfortunately it doesn't seem to work - kwrite still shows an
>>> empty file even though I can see the size of it indicating that it is
>>> quite big.
>>>
>>> Anne
>>
>> Which file in /var/log/ ?
>>
>> What does getfacl /var/log/<file> show?
>>
>>
>>
>> Does this work from a prompt?
>>
>> tail /var/log/<file>
>>
> confession - this is on my server, CentOS
>
> Anne
5.x or 6.x ? On 6.x other does not have rights to /var/log . Fix with:
setfacl -m u:anne:rx /var/log
-------------- next part --------------
A non-text attachment was scrubbed...
Name: boutilpj.vcf
Type: text/x-vcard
Size: 297 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/kde/attachments/20111031/73ac9913/attachment-0001.vcf
More information about the kde
mailing list