On Mon, Jul 11, 2016 at 5:27 PM, Joe Zeff <joe@xxxxxxx> wrote:
On 07/11/2016 02:15 PM, Robert Nichols wrote:
On 07/11/2016 12:13 PM, bruce wrote:
the change I made
cat ALL=(ALL) NOPASSWD: /cat/*.*
That is granting cat the right to run commands as cat, i.e., it's pretty
much a no-op. Try
dog ALL=(ALL) NOPASSWD: /cat/*.*
Wouldn't it be easier to create a group that both cat and dog belong to, have the files owned by cat (and that group) and give the files execute access by everybody in the group? That gives dog access to the specific commands it needs but nothing else in cat's home folder.
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://lists.fedoraproject.org/admin/lists/users@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
I concur. Creating a common group seems the least complicated. Then chmod the files in /cat/ to cat:commongroup and you are done. Expandable if Rat joined the system and you could just add Rat to the commongroup. Also I think Dog is invoking the sudo command, albeit as cat to run a file, so the system needs Dogs password to execute... I think.
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://lists.fedoraproject.org/admin/lists/users@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
