How disable mysql command in sudoers file?

Posted by Carlos A. Junior on Ask Ubuntu See other posts from Ask Ubuntu or by Carlos A. Junior
Published on 2012-11-12T15:36:43Z Indexed on 2012/11/12 17:21 UTC
Read the original article Hit count: 330

Filed under:

12.04

|

security

|

visudo

How i can disable /usr/bin/mysql command in sudoers file ? ... Actually I've tryed use with this way:

%tailonly ALL=!/usr/bin/mysql

But when i'm access if user 'tailonly' of group 'tailonly', this command still enabled.

In resume, i'm only want that 'tailonly' user access 'tail -f /usr/app/*.log' ...

This is possible ?

Edit:

With this config, the user 'tailonly' still can access mysql terminal with 'mysql' command:

$: sudo su

$: visudo

Cmnd_Alias MYSQL = /usr/bin/mysql
Cmnd_Alias TAIL=/usr/bin/tail -f /jacad/jacad3/logs/*.log

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL
%swa    ALL=/etc/init.d/jacad3 stop
%swa    ALL=/etc/init.d/jacad3 start
%swa    ALL=/etc/init.d/jacad3 restart
%swa    ALL=sudoedit /jacad/jacad3/bin/jacad_start.sh

%tailonly ALL=ALL,!MYSQL

© Ask Ubuntu or respective owner

Related posts about 12.04

Wipe 12.04/Windows 7 dual boot setup and start fresh new 12.04

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have an Asus u56e laptop running dual boot setup, Windows 7 and 12.04. I had Windows 7 first. I was wondering what's the easiest way possible to erase/format my drive (500GB) so that it deletes Ubuntu and Windows 7 so I can reinstall 12.04 onto my whole drive? Does the Ubuntu Live CD help make this… >>> More
In 12.04: Failed to load session 'ubuntu' [closed]

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Possible Duplicate: There's an issue with an Alpha/Beta Release of Ubuntu, what should I do? I'm using 12.04 beta. Today I was prompted to install some updates, which I did, followed by a reboot. On reboot, X starts, but all I see is a single dialog window in the middle of the screen… >>> More
Will final version of 12.04 use the power management changes found in kernel 3.3

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have seen in some version of Ubuntu that instead of making a huge change to update to the latest kernel, they take some of the good stuff out of it, for the sake of stability and put it on a previous version. In this case, kernel 3.3 has seen some very good power management enhancements that are… >>> More
Wired PS/2 Keyboard and Mouse do not work in 12.04 Live CD or after fresh 12.04 install - Foxconn D270S Atom Motherboard

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
My Wired PS/2 keyboard and mouse do not work in 12.04, either in a fresh install or from the Live CD. A USB keyboard and mouse will work. The PS/2 keyboard and mouse will work using the same hardware and a fresh 10.04 Ubuntu install or a fresh Windows 7 install. The motherboard is a Foxconn D270S… >>> More
Difference between 12.04 and 12.04.1

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I recently did a fresh install of Ubuntu 12.04 two days ago. Or at least I thought it was 12.04, but actually 12.04.1. Now I'm having errors popping up from the grub loader. Error: no video mode activated which was apparently resolved in this bug# 699802. However these workarounds are for 11.xx… >>> More

Related posts about security

sudo apt-get update errors

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Here is what I get on my terminal when running sudo apt-get update errors. I dont know if the issue is from my sources.list or my proxy setup(have not made any changes to proxies). Thank you for any help in advanced. Ign http://security.ubuntu.com oneiric-security Release.gpg Ign http://security… >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Devx - Search for 'Devx'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Internet.com - Search for 'Internet.com'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
StackOverFlowError while creating Mac object on AS400/Java

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello all, I am a newbie to AS400-Java programming. I am trying to create my first program to test the implementation of Message Authentication Code (MAC). I am trying to use the HMACSHA1 hash function. My (Java 1.4) program runs fine on a dev box (V5R4).But fails terribly on the QA box (V5R3). My… >>> More
Google App Engine - Spring Security Issue (java.security.AccessControlException)

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm currently getting the AccessControlException below when I deploy to app engine (I don't see it when I run in my local environment). I'm using GAE 1.3.1, Spring 3.0.1, and Spring Security 3.0.2. Any ideas how to get around this issue? It appears to be an issue with Spring Security trying to get… >>> More