g0all
asked on
Recursive sudoers for a folder
Hi,
Is there any way to give rights for a user for everything that's on the folder without mentioning specific binaries/subfolders?
Like: giving user dba access to /oracle?
Thanks
Is there any way to give rights for a user for everything that's on the folder without mentioning specific binaries/subfolders?
Like: giving user dba access to /oracle?
Thanks
Include the user in oracle group.
It will have nothing to do with using sudo. With sudo you can give access to certain commands to be run as another user, mostly root.
It will have nothing to do with using sudo. With sudo you can give access to certain commands to be run as another user, mostly root.
ASKER
OK, what I'm trying to do is give user oracle recursive access to all binaries on /oracle folder.
You don't need to give access to ANY binary. Folder access alone is enough. If folders are owned by user oracle, this is sufficient.
ASKER
Not all (sub)folders are owned by oracle, that's why I need sudoers.
ASKER
Not all (sub)folders are owned by oracle, that's why I'm asking sudoers.
Just put a sudo entry for oracle user.
as root do
visudo
Put the following line at the end of the file that opens
oracle ALL=(ALL) NOPASSWD: ALL
as root do
visudo
Put the following line at the end of the file that opens
oracle ALL=(ALL) NOPASSWD: ALL
ASKER
Is there a way to specify a path (like /oracle) on that line? Because this solution would give oracle user all systems permissions.
Yes it does :(
SUDO can only restrict commands not paths where you apply those commands.
SUDO can only restrict commands not paths where you apply those commands.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yes, legolasthehansy also recommended what I did in my first comment/recommendation.
ASKER
OK, but what would be the advantages of using ACLs over regular permissions?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
setfacl -m user:username:rwx /oracle