Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am facing following problem.
We are having 2 user named jzappa and imany.
right now jzappa have sudo access but we have to remove it now.imany have sudo access.
Now user need to able to 'su' to imany from jzappa and then to 'sudo su' to root from imany.
Thanks...
i want 1)jzappa user only able to su to imany user.2)imany user is able to sudo su to root. how to make entry in /etc/sudoers ?
In the scenario you described, why bother??
If the jzappa users logs in, and can su to imany, and from THERE, get root access, they can easily edit anything they want, including the sudoers file. What you're describing is pointless. I suggest you read the sudoers manual, and see any of the examples you can find online.
User_Alias RESUSER = jzappa
RESUSER ALL = !/usr/bin/su, !SHELLS, <any other commands you don't want them to run>, /bin/su imany
and jzappa will only be able to su to imany. Based on your other posts, you never follow up or answer questions, so I'm not sure what you'll do with this.
Hi
after putting below, it is asking for password for imany.I dont want that when i switch from jzappa to imany it dont ask for password.
User_Alias RESUSER = jzappa
RESUSER ALL = NOPASSWD: !/usr/bin/su,/bin/su imany
Kindly suggest.
Ok...again, I'll 'kindly suggest' you read the sudoers manual. If your user is set up to authenticate as part of a group, then no matter what you specify in the command alias group, they'll still have to. You don't post your sudoers file, so it's hard to say. And again, what you are doing is pointless. If the user can become root via another user ID, they're totally bypassing what sudo is for, and can do whatever they want.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.