sudoers script and file access
sudoers script and file access
I have a script that accesses a root owned file. I have the script in sudoers and the suid bit set. However, when the script runs, it gets a permissions denied when trying to access that file. Since it is a suid script owned by root should it not be running as root and have access to that script? Do I need to do something else with the script? TIA.
Re: sudoers script and file access
Scripts can't have the suid bit set - well, they can but it's ignored. To get it to run via sudo you need to prefix the command with "sudo ".
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: sudoers script and file access
The script is in the sudoers file so any user can run it without a password. The problem is the script needs to read a file with restricted access.
Re: sudoers script and file access
So what command are you running when you have the problem with it not working with sudo? What exactly do you type?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: sudoers script and file access
Not sure how this helps but the command is my script named 'VPNsudo.py'. That entry in sudoers is:
ALL ALL=NOPASSWD: /usr/local/bin/VPNsudo.py
That script needs to run as root (setuid bit) in order to access the restricted file it needs.
ALL ALL=NOPASSWD: /usr/local/bin/VPNsudo.py
That script needs to run as root (setuid bit) in order to access the restricted file it needs.
Re: sudoers script and file access
Again, you cannot set the suid bit on a script. Well, you can set it but it is ignored.
So to do what you need to do you need to run sudo /usr/local/bin/VPNsudo.py
If you don't run it prefixed with sudo then it is not run via sudo so /etc/sudoers has no effect. It's not magic.
So to do what you need to do you need to run sudo /usr/local/bin/VPNsudo.py
If you don't run it prefixed with sudo then it is not run via sudo so /etc/sudoers has no effect. It's not magic.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke