1 |
On Tue, 11 Sep 2012 22:47:21 -0400, Walter Dnes wrote: |
2 |
|
3 |
> Fully agree that's a bad idea. My system uses sudoers. I.e. in |
4 |
> /etc/sudoers.d/001 I have the lines... |
5 |
> |
6 |
> user2 d531 = (root) NOPASSWD: /usr/local/bin/ux * |
7 |
> waltdnes d531 = (root) NOPASSWD: /usr/local/bin/ux * |
8 |
> |
9 |
> ...where /usr/local/bin/ux consists of... |
10 |
> |
11 |
> #!/bin/busybox ash |
12 |
> pumount ${1} |
13 |
> |
14 |
> ...and in my home directory I have ~/bin/um which consists of... |
15 |
> |
16 |
> #! /bin/busybox ash |
17 |
> sudo /usr/local/bin/ux ${1} |
18 |
> |
19 |
> ...So I can, as a regular user, execute at the commandline... |
20 |
> |
21 |
> um sdb1 |
22 |
> |
23 |
> ...and /media/sdb1 is unmounted. No need to log on as root or have a |
24 |
> root shell. |
25 |
|
26 |
I don't understand, why are you using sudo to run pmount when its core |
27 |
purpose is to be run by normal users? |
28 |
|
29 |
% whatis pmount |
30 |
pmount (1) - mount arbitrary hotpluggable devices as normal user |
31 |
|
32 |
|
33 |
-- |
34 |
Neil Bothwick |
35 |
|
36 |
Life's a cache, and then you flush... |