
I have a script that runs as a user that doesn't have permission to read, etc., files in a directory, and the script uses the command below:

```
sudo /bin/find /var/log/some_logs -name "*access.log"
```

There is a pack of logs with names like `bla-bla-access.log`, and I want to return all their names. I want to give that user permission to run this command.

I did the following in visudo:

```
my_user ALL=(root) NOPASSWD: /bin/find /var/log/some_logs -name "*access.log"
```

But it doesn't work.

It works only if I do the following:

```
my_user ALL=(root) NOPASSWD: /bin/find
```

But I don't want to give permission to use `find` in all directories.

Kindly help with this issue.

  • Please [edit] your question and tell us what application creates the logs. What all should the user be allowed to do? Only list the files with `find`, not with `ls`? Read the contents? Show the owner, group and permissions of the log files and the containing directories up to `/var/log/some_logs`, e.g. output of `ls -ld /var/log/some_logs`, `ls -ld /var/log/some_logs/subdirectory` (if applicable), and a few lines of `find /var/log/some_logs -name "*access.log" -exec ls -ld {} +` Do the files and directories belong to a specific group that could be assigned to the user as a supplementary group? – Bodo May 17 '23 at 16:17

0 Answers