sudo, protected dir and wildcard

[nordic bro]

created a dir as root (/misc/tmp), copied some files into it and did chmod 700 on the dir:

ls -la /misc:

drwx------ 2 root root 4096 Aug 25 23:07 tmp

user in /etc/sudoers can do this and see dir contents:

sudo ls /misc/tmp/

but this says "sudo: No match.":

sudo ls /misc/tmp/*

is there something I can do to make it work with *? I thought maybe it had something to do with "." or ".." in there but user can do this:

sudo ls /misc/tmp/.

although not this:

sudo ls /misc/tmp/.*
sudo: No match.

[lagalopex]

The * is evaluated in your current shell. (So, with your persmissions, not the root ones.)
As it is not finding anything (no persmissions), it will pass the * just as is. And a file with this name does not exist.

You need the * to be interpreted with the root privileges.
Perhaps something like "sudo bash -c 'ls /misc/tmp/*'" would work, though not very nice.

Why do you need this functionallity at all?

[nordic bro]

thanks, your workaround does the trick. I'm a little fuzzy on the subtleties of "*" but will read up on that.

I need it to use stat on a pgsql pg_log dir (parent is 700, postgres:postgres) to grab the newest few with a single cmd string:

stat -c "%Y\t%n" .../pg_log/* | sort -n | tail -3 | cut -d\t -f 2- | xargs cp -t /tmp

if I don't use "*" stat returns data on the dir itself and not its contents.

I couldn't figure out how to get the pathname included for each file using ls (where I wouldn't need *) - maybe there's a way to tell xargs or cp what to use but I got locked into the above once I saw how close it was to working

[Hu]

Perhaps find dir -printf specifiers could print the information you need instead of using stat with a glob. This would work in large directories where the glob fails, and would delegate file discovery into find, so that you could sudo the find instead of sudo'ing the pipeline.