From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Rd373-0001rl-Sc for garchives@archives.gentoo.org; Tue, 20 Dec 2011 17:04:26 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 652AD21C192; Tue, 20 Dec 2011 17:04:07 +0000 (UTC) Received: from homiemail-a45.g.dreamhost.com (caibbdcaaaaf.dreamhost.com [208.113.200.5]) by pigeon.gentoo.org (Postfix) with ESMTP id F053A21C04A for ; Tue, 20 Dec 2011 17:03:09 +0000 (UTC) Received: from homiemail-a45.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a45.g.dreamhost.com (Postfix) with ESMTP id 8D9CD48052 for ; Tue, 20 Dec 2011 09:02:57 -0800 (PST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=libertytrek.org; h=message-id :date:from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; q=dns; s= libertytrek.org; b=SkKHT4VzHMH56pSGJ2ohieKNCH1F9DKcFrPLObNZMiLDI bm+LJGBVnfNRoYHpnjutudU9zxk105PkP9fyskfRE/G6L0eBTWKXls2myRk1gesM rqh1iHkviwK2Di2E/9ZAxDNHHWquNCC52+mfKi7VKIYy8cRJV2fIa+Rxp9NdHk= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=libertytrek.org; h= message-id:date:from:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; s= libertytrek.org; bh=iCjqFzJtzgeIHXAYywtStayS74A=; b=tRox8Cn2h1gk UKJgBI4PVgGTRj0QD9HMgsp5zXClP1TvIGuf6MYgxj8uAZMKxk5djow6hvEUYzAB 1r9Dm/Yp774hLG1xww3pt9oKXqDTu5V8Ifomddbk8liE1fzUHQKzwIEJUiggHrxJ rxu7N6v6OeoM4vLJkaejqKG3Fi8fzjo= Received: from [127.0.0.1] (smtp.media-brokers.com [70.43.81.99]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: tanstaafl@libertytrek.org) by homiemail-a45.g.dreamhost.com (Postfix) with ESMTPSA id 465F248059 for ; Tue, 20 Dec 2011 09:02:53 -0800 (PST) Message-ID: <4EF0BFC7.7040303@libertytrek.org> Date: Tue, 20 Dec 2011 12:03:03 -0500 From: Tanstaafl User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:8.0) Gecko/20111105 Thunderbird/8.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Allow non root users to edit files owned by root? References: <4EF0A415.8020007@libertytrek.org> <4EF0B101.3060709@binarywings.net> In-Reply-To: <4EF0B101.3060709@binarywings.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Archives-Salt: 42edb486-3239-46f9-97ee-d8335ec78f4f X-Archives-Hash: 0b0fb81537701e483748fa358a70144a On 2011-12-20 11:00 AM, Florian Philipp wrote: > You should probably also restrict which files can be edited (not > /etc/passwd, /etc/shadow or /etc/sudoers, for sure!). You can do this > with globs. For example: > %sudoroot sudoedit/var/www/* Great, that helps... but... He wants to use nano, so I set this up for nano, but there is one little issue... He sometimes uses different flags with nano (ie, 'nano -wc filename') - is there a way to specify the use with or without flags? I know you can use: /bin/nano -* /etc/apache2/*, But this fails if no flags are specified.