From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RdknW-0008C7-1f for garchives@archives.gentoo.org; Thu, 22 Dec 2011 15:43:10 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 1465021C123; Thu, 22 Dec 2011 15:43:00 +0000 (UTC) Received: from homiemail-a80.g.dreamhost.com (caibbdcaaaaf.dreamhost.com [208.113.200.5]) by pigeon.gentoo.org (Postfix) with ESMTP id DD91D21C04D for ; Thu, 22 Dec 2011 15:41:58 +0000 (UTC) Received: from homiemail-a80.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a80.g.dreamhost.com (Postfix) with ESMTP id 4882737A06E for ; Thu, 22 Dec 2011 07:41:58 -0800 (PST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=libertytrek.org; h=message-id :date:from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; q=dns; s= libertytrek.org; b=yUEvRBfwjXMj9dkaHrGKpsDO8inM54o6TnDRYc9pwAd3H UGsCbbFkGgeH15PfkHAQa6nl/s0purdiTp5pnioNiAg6oA40drWqeS3XeBwXTWWq haxgnw0BhEL5ZUIIsOnXFlbfMs0Lw0RGSVcMqCFs7VN6B8uN66q5sQ3y8REL0Y= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=libertytrek.org; h= message-id:date:from:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; s= libertytrek.org; bh=H4UtHK6tgxwNSheCaJ9UUCNSvG4=; b=pYGs+pKuCUuz I6nrqKanQ389of9T2nODlAO0yOz+pCw9lTbq6KF4J8boqZ0u0HuSyYZQxos1zdiI EwuQgf35CETUfeZOjr2uNameBxHTQS0tFJS3toPySKsxM0mOCbxi86e1cRWsmAie kPgfJCgRhdS/R+zBiS0R3XYahf1KPF8= Received: from [127.0.0.1] (smtp.media-brokers.com [70.43.81.99]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: tanstaafl@libertytrek.org) by homiemail-a80.g.dreamhost.com (Postfix) with ESMTPSA id 9C66337A065 for ; Thu, 22 Dec 2011 07:41:57 -0800 (PST) Message-ID: <4EF34FC5.5050602@libertytrek.org> Date: Thu, 22 Dec 2011 10:41:57 -0500 From: Tanstaafl User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:9.0) Gecko/20111220 Thunderbird/9.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Allow non root users to edit files owned by root? References: <4EF0A415.8020007@libertytrek.org> <4EF0B101.3060709@binarywings.net> In-Reply-To: <4EF0B101.3060709@binarywings.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Archives-Salt: ac77180f-4425-4896-86b4-051ef94e4457 X-Archives-Hash: c849e8e5db2eff43633a8197955d8bb0 On 2011-12-20 11:00 AM, Florian Philipp wrote: > You should probably also restrict which files can be edited (not > /etc/passwd, /etc/shadow or /etc/sudoers, for sure!). You can do this > with globs. For example: > %sudoroot sudoedit/var/www/* Ok, just found out that subdirectories are not included when doing it this way, and haven't found a way to include them... Please tell me there is a way, and I won't have to explicitly define every subdirectory under /var/www that they will need to be able to work in...