I would like a user to have sudo rights (without password check) to a couple of shell scripts under a specific directory (in my case, /usr/local/tomcat7/bin), and to nowhere else. What's the simplest way to accomplish this?
Something like this in /etc/sudoers didn't seem to work:
jsmith ALL=(ALL) NOPASSWD: /usr/local/tomcat7/bin
I think you are almost there. put a / at the end of your directory spec
jsmith ALL=(ALL) NOPASSWD: /usr/local/tomcat7/bin/
From the sudoers man page
A directory is a fully qualified path name ending in a '/'. When you specify a directory in a Cmnd_List, the user will be able to run any file within that directory (but not in any subdirectories therein).
Add a slash '/' to the end of the path.
jsmith ALL=(ALL) NOPASSWD: /usr/local/tomcat7/bin/
