-1

I need to access a file on an NFS fileserver where root squash is turned on. I'm using bash on Arch Linux. I am using this type of command:

# sudo -u authduser ls /mounted/filesystem/path/aa.user.js

This succeeds and the output is:

/mounted/filesystem/path/aa.user.js

However, there are multiple files, such as bb.user.js. When I try the following command it fails:

# sudo -u authduser ls /mounted/filesystem/path/*.user.js

The output is:

ls: cannot access '/mounted/filesystem/path/*.user.js': No such file or directory

I have tried quoting, escaping and various other things without success. What is the correct way?

MountainX
  • 17,948
  • It does not appear to be a duplicate to me. You can see from the output in my question that it is not a permissions issue. – MountainX Nov 22 '18 at 07:39
  • 1
    No, your output doesn't show that. – muru Nov 22 '18 at 07:40
  • OK, you're correct. But given that the specifics are the opposite of that question, I think this is still a distinct and different question. – MountainX Nov 22 '18 at 07:48

2 Answers2

1

The issue with the wildcard is that it's expanded by the shell, before running the sudo command.

If only authduser will be able to list files under /mounted/filesystem/path/, but not your user who is running the sudo command, then the shell will not be able to expand the wildcard and will pass it unmodified. Since ls itself doesn't expand wildcards, this will result in the error you're seeing.

See Why isn't this sudo mv operation with wildcard working? for more details on that.

For a solution to this problem, you can use sudo's -s argument, which spawns a shell as the target user (rather than simply executing a command directly), in which case if you also give it a command, it will be passed to the shell using the -c option (which is the usual option for the shell to interpret and execute a command, including wildcard expansion.)

In that case, you'll want to put the command within quotes (preferably single quotes), so that the shell running the sudo command will not try to interpret the command, only the one spawned by sudo as the target user:

# sudo -u authduser -s 'ls /mounted/filesystem/path/*.user.js'

See the man page of sudo for more details, in particular take a look at the -s option.

UPDATE: It's not really possible to use sudo -s with a command here. See “sudo -s ” runs command in a shell, but wildcards or metacharacters not working for more details.

filbranden
  • 21,751
  • 4
  • 63
  • 86
0

The following approach works:

sudo -u authduser bash -c "ls /mounted/filesystem/path/*.user.js"

muru was correct that the issue is similar to Why isn't this sudo mv operation with wildcard working?, except the opposite in that root lacks permissions and the regular user has permissions. The issue comes down to order of precedence of operations, and the solution is based on expanding the wildcard after the sudo operation rather than before it.

MountainX
  • 17,948
  • 2
    The issue is exactly the same: the target user for sudo has permissions, the user running sudo doesn't. – muru Nov 22 '18 at 07:51