Ping a Specific Port

Question

secavfr

Asked: 2021-06-05 08:44:38 +0800 CST2021-06-05 08:44:38 +0800 CST 2021-06-05 08:44:38 +0800 CST

Allow my users to remove root-owned directories within their HOME

772

My users are on Ubuntu running Docker and mounting directories in their sessions. The problem is that any non-existing directory or file mounted with Docker is owned by root.

I would like to allow my users to remove any root-owned file or directory under their $HOME directory with an /etc/sudoers directive. Something like :

# /!\ This is not working
%MyUsers ALL=NOPASSWD: /bin/rm $HOME/*

Is it possible within /etc/sudoers ?
What options do I have ?

Thanks for your help.

Using Docker-rootless mode is not an option for us.

1 Answers

Voted

Ginnungagap · Answer 1 · 2021-06-06T01:30:15+08:00

Ginnungagap

2021-06-06T01:30:15+08:002021-06-06T01:30:15+08:00

If they're running docker as root, and they can control the daemon, they're already root.

Trying to grant them limited sudo permissions is pointless and you're better off granting them full root access to their machines.

In addition to which, it is nearly impossible without a wrapper to grant them permission to execute rm $HOME/* as root securely. I'd just have to ln -s / $HOME/root and I could delete anything.

2

Allow my users to remove root-owned directories within their HOME

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?