asked on

Recursive sudoers for a folder

Hi,

Is there any way to give rights for a user for everything that's on the folder without mentioning specific binaries/subfolders?

Like: giving user dba access to /oracle?

Thanks

legolasthehansy

You can use ACL's here (provided the mount supports ACL's)
setfacl -m user:username:rwx /oracle

farzanj

Include the user in oracle group.

It will have nothing to do with using sudo. With sudo you can give access to certain commands to be run as another user, mostly root.

g0all

ASKER

OK, what I'm trying to do is give user oracle recursive access to all binaries on /oracle folder.

farzanj

You don't need to give access to ANY binary. Folder access alone is enough. If folders are owned by user oracle, this is sufficient.

g0all

ASKER

Not all (sub)folders are owned by oracle, that's why I need sudoers.

g0all

ASKER

Not all (sub)folders are owned by oracle, that's why I'm asking sudoers.

farzanj

Just put a sudo entry for oracle user.

as root do

visudo

Put the following line at the end of the file that opens
oracle ALL=(ALL) NOPASSWD: ALL

g0all

ASKER

Is there a way to specify a path (like /oracle) on that line? Because this solution would give oracle user all systems permissions.

farzanj

Yes it does :(
SUDO can only restrict commands not paths where you apply those commands.

ASKER CERTIFIED SOLUTION

legolasthehansy

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

farzanj

Yes, legolasthehansy also recommended what I did in my first comment/recommendation.

g0all

ASKER

OK, but what would be the advantages of using ACLs over regular permissions?

SOLUTION

farzanj

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial