I'm trying to allow only one user to be able to use only 'cat,head,tail' on some of the log files. What is the exact syntax to use here. I tried

user ALL /bin/cat /var/log/maillog

Which works great, but I also need to give the user the head and tail commands. I tried grouping those commands under:

Cmnd_Alias VIEW = /bin/cat, /usr/bin/head, /usr/bin/tail

Now I try and add this VIEW alias but I'm not sure where it should go as I've tried many different ways. Basically the conclusion is that I may be able to use this Cmnd_Alias but I am not able to specify the file name /var/log/maillog with that. Can anyone help with the proper syntax please? Thanks.

1 Answer

this works or me:

Cmnd_Alias VIEW = /bin/cat /var/log/messages, /bin/head /var/log/messages, /bin/tail /var/log/messages, /bin/tailf /var/log/messages
luser ALL=NOPASSWD: VIEW

or

luser ALL=VIEW

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password Submit

Post as a guest

Post Your Answer Discard

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy