OT: allow ordinary user to read /var/log/audit/audit.log
Hiisi
hiisi at fedoraproject.org
Thu Jun 9 15:39:09 UTC 2011
Hi, list!
Sorry for off-topic. I want to give certain users to execute some
commands to configure web-server. Here's what I have in /etc/sudoers
for user 'hospes':
Cmnd_Alias HOSPES = /sbin/service, /sbin/chkconfig,
/usr/sbin/setsebool, /sbin/restorecon, /usr/sbin/semanage,
/usr/sbin/setenforce
%hospes ALL=(root) sudoedit /etc/httpd/*
%hospes ALL=(root) sudoedit /etc/hosts
Next I would like to allow hospes to read /var/log/audit/audit.log. I
don't want to allow him to edit this file but only to read (e.g. cat
or grep). I don't want to change audit.log attributes. Any
suggestions, please?
TIA
--
Hiisi.
Registered Linux User #487982. Be counted at: http://counter.li.org/
--
Spandex is a privilege, not a right.
More information about the users
mailing list