[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Fwd: Re: [Fwd: [Fwd: [sudo-users] Config sudo for installation]]]

Mikkel L. Ellertson wrote:
edwardspl ita org mo wrote:
Mikkel L. Ellertson wrote:
edwardspl ita org mo wrote:
Dear All,

How can we config sudores, then assign a user ( without root ) to running the following :
Install source code package, include the command of tar, configure, make and make install.


You would only need sudo for the make install command - you can do
the rest as a normal user. (At least for almost all packages...) I
have not tried it, but I suspect that if you created a group called
install, and put a rule something like this in /etc/sudoers:

%install	localhost=make install

You could also use something like thins if you do not want it to be
limited to users at the console:

%install	ALL=make install

If you do not want the user asked for his password when running the
command, you can add "NOPASSWD: ALL" at the end.

Hello Mikkel,

Sorry, I don't quite understanding your means...
I just want a sample for installing source code packages ( how to use
the command of configure / make / make install ) ?

For my config of sudores :

User_Alias    ADMIN = admin

ADMIN    HOST = NOPASSWD: /bin/tar


I am surprised that that works. Shouldn't the format be:


But you do not need to be root to install the source code. If you
are installing it in your home directory, you can run tar as a
normal user. You should be able to do all the steps except
installing the software as a normal user. I do it all time when
building from source. I also build RPMs as a normal user, and then
install them as root.

If HOST is an alias for the hosts you want to be able to run the
command as, try this:

ADMIN	HOST = /usr/bin/make install	NOPASSWD: ALL

If it isn't, then try:

ADMIN	localhost = /usr/bin/make install	NOPASSWD: ALL


admin	localhost = /usr/bin/make install	NOPASSWD: ALL

Just remember, if admin really tries, he/she can run any command
they can put in the make file in the install section, or install any
kind of suid program they want to. It would not be hard to use this
to get full root access to the system. That is one reason to limit
where it can be run from, and who can run it!


I just want to install a FTP Server ( package )...
BUT there is some error message :

[svradmin svr1 proftpd-1.3.0a]$ ./configure --prefix=/usr/local/proftpd
./configure: line 88: conf4161.sh: Permission denied
./configure: line 89: conf4161.sh: Permission denied
chmod: cannot access `conf4161.sh': No such file or directory
./configure: line 201: conf4161.file: Permission denied
./configure: line 1266: config.log: Permission denied
[svradmin svr1 proftpd-1.3.0a]$


/etc/sudores :

Host_Alias      M = svr1

User_Alias USER1 = svradmin

USER1   M = NOPASSWD: /bin/tar, /usr/bin/make install

So, what problem of sudores config ?

fedora-list mailing list
fedora-list redhat com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]