| View previous topic :: View next topic |
| Author |
Message |
wilsonsamm
Apprentice
Joined: 12 Jul 2008
Posts: 196
|
 Posted: Tue Aug 25, 2009 7:42 am Post subject: /proc/ readable and writeable by user |
 |
|
| How do I do this? I want to allow my users to suspend the computer, and view the kernel logs and such, but the /proc/ filesystem seems not to support UNIX style permissions. |
|
| Back to top |
|
 |
richard.scott
Veteran
Joined: 19 May 2003
Posts: 1497
Location: Oxfordshire, UK
|
| Posted: Tue Aug 25, 2009 8:35 am Post subject: |
|
|
Have you thought about using the "sudo" package?
You can give users access to specific commands rather than the /proc filesystem.
Rich |
|
| Back to top |
|
|
wilsonsamm
Apprentice
Joined: 12 Jul 2008
Posts: 196
|
| Posted: Wed Aug 26, 2009 12:50 pm Post subject: |
|
|
| I intend to put "echo disk > /sys/power/state" into the menu of the users' GUI. Can I pass root's password to sudo on the command line? |
|
| Back to top |
|
|
richard.scott
Veteran
Joined: 19 May 2003
Posts: 1497
Location: Oxfordshire, UK
|
| Posted: Wed Aug 26, 2009 1:06 pm Post subject: |
|
|
That's the clever part with sudo is that you don't need to know or give out the root password.
Create a script with the following:
| Code: | #!/bin/bash
echo disk > /sys/power/state |
and save it somewhere like /usr/local/bin/suspend
Add /usr/local/bin/suspend onto the users menu.
and add this into the bottom of the /etc/sudoers file (using the 'visudo' command).
| Code: | | %users ALL=NOPASSWD: /usr/local/bin/suspend |
Anyone in the "users" group should then be able to run that script which will in turn suspend the PC.
Rich |
|
| Back to top |
|
|
wilsonsamm
Apprentice
Joined: 12 Jul 2008
Posts: 196
|
| Posted: Sat Aug 29, 2009 7:18 am Post subject: |
|
|
Ah 
Great idea, thank you
in the /etc/sudoers file, can I have two lines there, and is this the appropriate syntax:?
| Code: | %users ALL=NOPASSWD: /usr/local/bin/suspend
%users ALL=NOPASSWD: /usr/local/bin/kmsg |
Also, I don't like using visudo, so can I use nano or is this dangerous, and why/how? |
|
| Back to top |
|
|
richard.scott
Veteran
Joined: 19 May 2003
Posts: 1497
Location: Oxfordshire, UK
|
| Posted: Sat Aug 29, 2009 10:33 am Post subject: |
|
|
Yes that entry looks ok. It should allow any user in the "users" group to run the commands.
Also, there's no problem in using Nano... I do just that 
You need to set your "EDITOR" environment variable in your /etc/profile file.
to test do this:
| Code: | | # EDITOR=nano visudo |
and you should be able to edit the file with nano. |
|
| Back to top |
|
|
|
Other Things Gentoo
