Log in

sudo for write access to a single file - Linux Help Desk [entries|archive|friends|userinfo]

[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

sudo for write access to a single file [Jan. 4th, 2010|09:27 am]


Can sudo be used to grant write access to a single file? I've granted sudoer access to a script, but this script writes to a log file. Currently the log file is chmod 644, and sudoers are unable to use the script due to incorrect permissions on the log file. I could chmod 666 to everyone, but that would be problematic.

[User Picture]From: poly_scott
2010-01-04 02:51 pm (UTC)
Sure. You could use ACL's to give just the user the script runs as perms to the file where everyone else wouldn't have them. Then you could lock the file down even farther (0600 for example) and let the ACL grant the needed access to just who needs it. This would require that ACL support be in your kernel. What distro?
(Reply) (Thread)
[User Picture]From: pkbarbiedoll
2010-01-04 02:58 pm (UTC)
(Reply) (Parent) (Thread)
[User Picture]From: poly_scott
2010-01-04 03:05 pm (UTC)
Ah. We're a mostly Debian/Ubuntu shop, so I'm not sure what packages you'll need. You can must likely use up2date to install whatever modules you need for ACL's if they are not included in the standard stock kernel though. If you do not have ACL's already, you will have to reboot after installing support for them. Sucks, but it's a low level file system thing.
(Reply) (Parent) (Thread)