13

I have a non-admin user in Ubuntu 12.04 LTS desktop 32-bit OS to whom I need to give permissions only to access /var/log as he needs to monitor logs and create reports related to it.

I do not want to give him admin access at any cost.

How can I achieve this?

Gilles 'SO- stop being evil'
  • 59,745
  • 16
  • 131
  • 158
Hrish
  • 2,313
  • 13
  • 42
  • 63
  • 1
    Really depends on the way you want to go. You could give read permissions to world: "chmod a+r" or you could enable acl (Access Control List) on your hard-drive (its a mount option) which gives you lower granularity in setting read+write permissions. – tombert Nov 26 '13 at 07:27
  • @tombert Agreed, but I was worried to do that, as to it can also affect the systems booting process, if set incorrectly. and I am not that used to with ACL. :P – Hrish Nov 27 '13 at 03:51

2 Answers2

13

Permission to view log files is granted to users being in the group adm.

To add a user to this group on the command line issue:

sudo usermod -aG adm <USER>
Takkat
  • 140,996
  • 54
  • 308
  • 426
  • Thanks man it worked like a charm. But do you know where I can check the list of default permissions, of such system generated groups? I know that my English is not that great, hence let me know if you do not understand my question... it's perfectly fine with me! .... :P – Hrish Nov 27 '13 at 03:55
  • You may want to look that up with `gnome-system-tools` from the GUI: http://askubuntu.com/questions/66718/how-to-manage-users-and-groups. The link I gave you in my answer also has a list of defaults - scroll up the page. – Takkat Nov 27 '13 at 07:34
  • Be aware that being in the adm group you can also sudo. – tombert Nov 28 '13 at 06:49
  • @tombert nope - `adm` != `admin` it is in no way related to sudoers. – Takkat Nov 28 '13 at 07:42
  • @Takkat: thx, I mixed it up. – tombert Nov 28 '13 at 08:47
  • @Takkat Appreciate your awesome answer pal... This is the Best possible and recommended solution for all Linux users .... workes like a wonder & does not give access to anything else apart tan logs... Great solution... Thanks again Takkat – Hrish Jan 27 '14 at 06:46
0

Check this out for using ACL:

https://help.ubuntu.com/community/FilePermissions

tombert
  • 861
  • 5
  • 10