Giving sudo access to a specific folder to new user

June 2, 2019 150 views
DigitalOcean

Hi all,

I need my developer to have sudo access to one of the folders in root directory. I have his new user account, How do go about giving him access to this 1 specific folder so he can SSH into it ?

1 Answer

It is going to be fairly difficult to restrict a sudoer to a single folder. I believe there are some options, commonly referred to as a jail. I believe it involves a mounted folder (mounted like a virtual drive), and even then it isn’t completely safe.

It may not suit your situation, but it is possible to use a process manager like PM2 to do things like restarting services and I believe it only requires sudo access upon the first installation (you may be able to revoke sudo access after install). Once installed it can restart processes and initiate new processes (there will be some limitations here, you will have to see if you can live with them). There are a few articles on using PM2 in the Community Tutorials section.

You may also be able to use something like vsftpd to achieve restriction to a specific directory (although generally the assumption is a non-sudo user’s home directory). You could check the How To Set Up vsftpd for a User’s Directory on Ubuntu 16.04 to see if that suits your situation.

I don’t think there is going to be a perfect fit, because I don’t think it was ever the intention to give an untrusted user sudo access. Good luck with it either way.

by Melissa Anderson
FTP, short for File Transfer Protocol, is a network protocol that was once widely used for moving files between a client and server. It has since been replaced by faster, more secure, and more convenient ways of delivering files. Many casual Internet users expect to download...
Have another answer? Share your knowledge.