LinuxQuestions.org - Sudo Login Problem using RSA Token Authentication

- Solaris / OpenSolaris (https://www.linuxquestions.org/questions/solaris-opensolaris-20/)

- - Sudo Login Problem using RSA Token Authentication (https://www.linuxquestions.org/questions/solaris-opensolaris-20/sudo-login-problem-using-rsa-token-authentication-865513/)

Sudo Login Problem using RSA Token Authentication

Hi,

When I issue the command:

Code:

sudo -l

I get

Code:

/usr/bin/su MrGreat

listed in the output.

But when I execute the following command:

Code:

bash-2.05$ sudo /usr/bin/su MrGreat

I get this error:

Code:

Sorry, user MrOrdinary is not allowed to execute '/usr/bin/su MrGreat' as root on lazyServer.

We have RSA Token authentication for login on the server. It works for my user ID and for other user IDs which are listed in the output given by sudo -l.

Any ideas?

System pertinent information you may need:

Code:

$uname -a

SunOS lazyServer 5.9 Generic_122300-48 sun4u sparc SUNW,Sun-Fire

$

Something is missing in your sudo rules. In your sudo -l display, I'm not seeing the run-as ID, which would have to contain "root" in order to allow you to do what you're trying to do.

I'm having trouble figuring out why you'd want to use sudo and su at the same time, since one replaces the other. You could issue "sudo -u MrGreat bash" and accomplish the same thing. This way you're not granting any users authority to use root on anything. You just make the sudo rule like so:

Code:

%groupname ALL = (MrGreat) ALL

And then add all your users who need MrGreat authority to said group.