server - Allow user in a chrooted shell to use a sudo command - Ask Ubuntu


i have user chrooted directory, , working smoothly. want group user in able restart single process that's being managed supervisor, however, , can't figure out how.

i've added line /etc/sudoers:

%mygroupname = (root) nopasswd:/usr/bin/supervisorctl restart myprocessname

i copied /usr/bin/sudo same path in chroot environment. copied of dependencies relevant places (found using ldd /usr/bin/sudo).

i've gathered sudo uses ton of additional files on system, , i've copied them chroot environment. i'm stuck now, however, , can't past error. missing?

sudo log (line breaks readability):

nov 10 20:29:04 sudo[3593] pam_setcred: failure setting user credentials @                            sudo_pam_begin_session()                            /build/sudo-1bdjzq/sudo-1.8.16/plugins/sudoers/auth/pam.c:274  nov 10 20:29:04 sudo[3593] pam_open_session: module unknown @                            sudo_pam_begin_session()                            /build/sudo-1bdjzq/sudo-1.8.16/plugins/sudoers/auth/pam.c:283

is stupid idea in first place?

rather trying copy sudo binary , dependencies chroot, might easier have script running root checks when file exists , restarts process.

that script might this:

#!/bin/bash restartfile="restartprocess" while :    user in /home/*          if [ -f $user/$restartfile ]                supervisorctl restart myprocessname          rm $user/$restartfile       fi    done    sleep 5 #adjust file checking time interval done

(this assumes user chrooted folder in /home)

once script running root, chrooted user have run 1 of following commands create empty file (called restartprocess) in home directory (you add ~/ before file name):

touch restartprocess 
echo > restartprocess 
> restartprocess

and process restarted.


Comments

Post a Comment

Popular posts from this blog

download - Firefox cannot save files (most of the time), how to solve? - Super User

this not full duplicate of this question or this question , though base question same. however, questions have no answers. for on half year have problems downloading files firefox. when click on download link, download dialog opened asking me do, save or open it. immediately, there error/warning pop-up (twice, can see 1 @ first) ok button. looks this message : "c:\users\%user%\appdata\local\temp\wbbdv9k8.zip.part not saved because source file not read. try again later or contact server administrator." replace '%user%' name of user trying download. after closing pop-up, download dialog disappears , have minimize firefox , open again, see other pop-up. downloading exact same file internet explorer work, not desired. i tried solutions here . tried solutions here . tried disabling extensions. tried fixing permissions on temp folder. tried making files , folder in profile directory non-readonly. tried running firefox administrator. tried
Read more

windows - "-2146893807 NTE_NOT_FOUND" when repair certificate store - Super User

i try repair certificate store in windows 10 doing c:\windows\system32>certutil -store -user ‎330000019dba8d5dddb98062a900000000019d "personal" certutil: -store command failed: 0x80090011 (-2146893807 nte_not_found) certutil: object not found. i have double check mmc, certificate details serial number of certificate. still fail repair certificate store. can please help? i getting same error when trying export pfx. turns out had export c:\cert.pfx instead of cert.pfx (it trying export file cert store ( cert:\localmachine\my ).
Read more

sql server - "Configuration file does not exist", Event ID 274 - Super User

sql server 2014 standard in server 2012 r2 i installed sql server 2014 in drive d: i following error: microsoft ssis service: registry setting specifying configuration file not exist. attempting load default config file. simply add c:\program files\microsoft sql server\1?0\dts\binn\msdtssrvr.ini.xml to default reg_sz value in: hkey_local_machine\software\microsoft\microsoft sql server\1?0\ssis\serviceconfigfile where ? replaced matching sql server version
Read more