Welcome to WebmasterWorld Guest from 54.242.72.36

Forum Moderators: bakedjake

Message Too Old, No Replies

Almost root user?

     

Nutter

5:40 pm on Feb 14, 2005 (gmt 0)

10+ Year Member



I know enough about Linux to be dangerous. I understand why I shouldn't login as root because it would be too easy to really screw something up. But, it makes it a lot easier to be able to edit any files without worrying about who the owner is (the server is a VPS and all the accounts are mine, but the user and group is based on the domain). Is there a way to have an almost-root user? Someone that could edit any user files, but not system files. Maybe even just a user that can edit any files in the /home/ directory.

- Ryan

MattyMoose

6:15 pm on Feb 16, 2005 (gmt 0)

10+ Year Member



Something like sudo would probably be your best bet.

In the /etc/sudoers file, you'd add something like this:

myusername ALL= NOPASSWD: /usr/bin/vi

That will allow myusername to execute something like:

sudo vi /myfile.txt

That will run as root, without asking for a password, and vi the file. Keep in mind that bad things can happen still! (ex: sudo vi /etc/master.passwd wouldn't ask for a password).

It's a simple and quick way of fixing your problem.

NickCoons

2:21 am on Feb 19, 2005 (gmt 0)

10+ Year Member



<Maybe even just a user that can edit any files in the /home/ directory.>

To accomplish just this, you could make all of the find in /home readable and writable by group:

chmod 664 -R /home

That would set the permissions of all of the files in /home to -rw-rw-r--.

If the files belong to the "users" group, then anyone in that group would have read/write access to those files. If all of the users belong to you as you mentioned, then this would be fairly safe (since there are not users that are not you) and you could edit these files without being a root user.

You could also do a modification of the previous post, and simply prefix any editing commands with "sudo root", which would allow you to run that single command as root, and then drop privileges down after it had completed.

dingman

1:26 am on Mar 4, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Another option might be to activate ACLs on the partition you want to be able to edit. The following suggested commands come with no promises, but they might do the trick. They assume ACLs are enabled on the filesystem containing /home and that you want user 'luckyguy' to be able to do anything (s)he wants to /home and all files and directories inside it.

setfacl -r u:luckyguy:rw /home
find /home -type d -exec setfacl d:u:luckyguy:rwx \{\} \;

 

Featured Threads

Hot Threads This Week

Hot Threads This Month