Emptying a directory owned by another user weekly

Tags: cron, permissions, sudo

I have a temp directory set up where users can place whatever files they need to send to other users via HTTP. The owner of this directory is an SFTP user, and cannot run cron jobs.

I have one shell user that can run cron jobs, but does not have permission to edit files in the SFTP user's directory.

I have an admin user that can access the SFTP user's directory when using sudo, but can't (read: I'd really rather not) run cron jobs.

So, here's the conundrum. How do I get a nightly cron job to run as a shell user to delete files older than 1 week within the SFTP user's directory, with the admin user's privileges?

Best Answer

Edit the /etc/sudoers file (use visudo!) and add an entry that allows the shell user to have sufficient privileges to run a specific command, without having to enter a password. If you use a script, make sure the script cannot be edited by anyone but root.

In /etc/sudoers, where shelluser is the shell user name:

shelluser ALL=NOPASSWD: /usr/bin/clean-up-sftp-temp-directory

In a /usr/bin/clean-up-sftp-temp-directory script, you can put something like:

#!/bin/sh
rm -f /home/sftpuser/will-be-deleted/*

After making the script executable, you should be able to call sudo clean-up-sftp-temp-directory and add it to the shell user's crontab.
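
An added example, not part of the original answer: a variant of the cleanup script that deletes only regular files older than a week, as the question asks, and refuses to run if the target directory has been replaced by a symlink. The function name clean_old_files and the TARGET and MAX_AGE_DAYS variables are assumptions, and the script relies on the -mindepth and -delete extensions found in GNU and BSD find.

```sh
#!/bin/sh
# Added example (not the answerer's script): hardened variant of
# /usr/bin/clean-up-sftp-temp-directory.
set -eu

# Hard-coded on purpose: the script runs as root via sudo, so neither the
# path nor the age may come from arguments or the environment.
TARGET=/home/sftpuser/will-be-deleted
MAX_AGE_DAYS=7

# clean_old_files DIR DAYS  (hypothetical helper name)
# Deletes regular files under DIR whose age in whole days exceeds DAYS.
# Returns 2 on a non-numeric DAYS, 1 if DIR is a symlink or not a directory.
clean_old_files() {
    dir=${1%/}
    days=$2
    case "$days" in
        ''|*[!0-9]*) echo "bad age: $days" >&2; return 2 ;;
    esac
    # The SFTP user owns DIR and could swap it for a symlink; refuse
    # rather than let root follow it. Only the final path component is checked.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "refusing to clean $dir: not a real directory" >&2
        return 1
    fi
    # -xdev: stay on one filesystem.
    # -type f: regular files only; find does not follow symlinks by default,
    #          so links planted inside DIR are neither followed nor removed.
    # -delete: unlink from within the traversal instead of passing paths to rm.
    find "$dir" -xdev -mindepth 1 -type f -mtime "+$days" -delete
}

# Entry point. "$@" is deliberately ignored; in sudoers, writing "" after
# the command path additionally makes sudo refuse any arguments.
if [ -d "$TARGET" ]; then
    clean_old_files "$TARGET" "$MAX_AGE_DAYS"
fi
```

Subdirectories are traversed but left in place; only the files inside them are removed.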
