sudoedit, restricting to particular folder

Lawrence Horvath lordsporkton at
Thu Jun 1 22:13:41 PDT 2006

well in that case what can uyou recommend for editing only zone files
and being able to run rndc, that is my main  goal, i need to lock a
system so that only "rndc reload", "rndc reconfig" and editing zone
files is possible by a group of users, any suggestins? and/or how do
you do this?

On 5/31/06, N.J. Thomas <njt at> wrote:
> * Kirk Strauser <kirk at> [2006-05-30 16:30:45 -0500]:
> > > luser ALL = (root) sudoedit /home/luser/foo/*
> >
> > Why not give them root while you're at it:
> > luser$ cd ~/foo; ln -s /etc/master.passwd; sudoedit ~/foo/master.passwd
> Yikes, he's right. Don't put that in your sudoers file.
> I found some notes on the sudo mailing lists while Googling, that
>     luser ALL = (root) sudoedit /home/luser/foo/
> would work one day for all files in /home/luser/foo/, IIRC Todd Miller
> said this would come out in version 1.7, but it looks like development
> of sudo has stalled, so short of writing your own wrapper script (which
> shouldn't be terribly hard) I don't know how to solve the original
> problem of restricting sudoedit to a particular directly using sudo
> alone.
> Thomas
> --
> N.J. Thomas
> njt at
> Etiamsi occiderit me, in ipso sperabo


More information about the freebsd-questions mailing list