LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 05-18-2004, 10:32 AM   #1
spratty
LQ Newbie
 
Registered: May 2004
Location: Near London, England
Distribution: Red Hat
Posts: 2

Rep: Reputation: 0
Question SUDO as *non-root* user


All,

Sorry if this has been addressed before, but I couldn't find the info I needed by searching the forums. Anyway, I'm quite new to Linux (Red Hat AS 2.1) and need to set up sudoers to allow a user (say, "xyz") to run a certain command (say "/home/oracle/scripts/test1.sh") as user "oracle", not as user "root". We already have sudo working for users to run stuff as root but cannot get it working so that the command "sudo -u oracle /home/oracle/scripts/test1.sh" results in the script being run - instead I always get the error:

"Sorry, user xyz is not allowed to execute '/home/oracle/scripts/test1.sh' as oracle on server.domain."

The lines I have added to sudoers are as follows:

User_Alias TEST = xyz
Runas_Alias T1 = oracle
TEST ALL=/home/oracle/scripts/test1.sh T1

This all seems to be in order but I keep getting the above error.

I realise I've probably missed something obvious but that's me all over.

Any help or advice would be much appreciated.

TIA,

Tony.

EDIT: Sorry to have wasted your time - I found the answer unexpectedly. The line:

TEST ALL=/home/oracle/scripts/test1.sh T1

should have been

TEST ALL=(T1) /home/oracle/scripts/test1.sh

Many apologies.

Tony.

Last edited by spratty; 05-18-2004 at 10:50 AM.
 
Old 05-18-2004, 02:22 PM   #2
lone_nut
Member
 
Registered: Dec 2003
Location: Denmark
Distribution: Mandrake
Posts: 179

Rep: Reputation: 30
The following command gets the person root acces and then change to the user foo, running the command bar:
sudo su -c bar foo
 
Old 05-18-2004, 03:27 PM   #3
Poetics
Senior Member
 
Registered: Jun 2003
Location: California
Distribution: Slackware
Posts: 1,181

Rep: Reputation: 49
can't you do a "su todd" to su over to Todd's account?
 
Old 05-19-2004, 04:35 AM   #4
spratty
LQ Newbie
 
Registered: May 2004
Location: Near London, England
Distribution: Red Hat
Posts: 2

Original Poster
Rep: Reputation: 0
Thanks guys but "su" is out of the question. It's a long story but we want our operators to run certain commands as the oracle user but we do not want them to have the oracle user's password - the auditors would have a fit. "sudo" is perfect for our purposes, we were just having trouble with the syntax of "sudoers".

Thanks anyway - I appreciate the effort.

EDIT: Yes - this means I work for a corporate empire who are moving from HP UX to Red Hat for database/app server installations. And we're finding *huge* performance/cost gains as we go. And to think I was a Windows man since forever...

Last edited by spratty; 05-19-2004 at 08:59 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
alsa work with root or sudo but not user walterbyrd Linux - Hardware 5 10-24-2005 02:53 PM
Running a script as root with sudo without entering the user password kloss Linux - General 8 10-10-2005 12:39 PM
allow sudo for www user to run root shell script cccc *BSD 12 07-23-2005 04:48 PM
How to hack sudo to become root lewkh Linux - Security 5 01-08-2005 07:20 AM
Sudo, su and root lesleyb Linux - Security 3 10-18-2004 02:36 PM


All times are GMT -5. The time now is 09:55 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration