On Sun, Mar 18, 2012 at 11:42:42AM -0700, Rich Shepard wrote: > I'm far from competent with /etc/sudoers syntax. > > I have a simple, one-line script in /home/<user>/shell-scripts/homenet.sh > that I want to have run with root privileges (because it copies > /etc/resolv.conf.home to /etc/resolv.conf). > > With this line in /etc/sudoers > > %users = ALL=(root) NOPASSWD /home/<user>/shell-scripts/homenet.sh > > the command, 'shell-scripts/homenet.sh', tells me permission is denied to > create the file. With no entry in /etc/sudoers but running the comand > following 'sudo ' I'm told that the user is not allowed to execute the > script as root on that host. > > Please educate me in the proper syntax for /etc/sudoers so a user can run > a shell script as root.
I recommend you move your homenet.sh script out of the user's home directory. After all, that would probably allow them to modify the contents of the script, which defeats the whole purpose of restricted root privileges. It is also possible that sudo has a problem with this and is trying to prevent you from configuring something dangerously. Try putting the script in /usr/local/sbin instead. As for debugging your sudo config, have you looked at your system logs to see if sudo is complaining about anything? Are you using visudo to edit the file? I think it's best to use that instead of editing it directly. tim _______________________________________________ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug