davidstvz 08-22-2008 10:18 PM

Can't get sudoer to work right
 
I'm running SuseLinux10 (mostly like OpenSuse I think)

I have a script from which I need to call another script where the second script runs as a more privileged user (though not root) than the original user. The line in the script is:

/bin/su - priv_user -c "${classbin}/pcnew ${1} ${LOGNAME}"

Classbin could be absolute, but the args really need to remain variable.

Is it possible to set this up in the sudoer file so that the unprivileged user doesn't have to enter the password of the privileged user? I attempted it as best I understood the sudoer file, but it didn't work (still asks for a password in other words). Here are the important lines from my sudoer file:

Cmnd_Alias PC1240 = /bin/su - priv_user -c "${classbin}/pcnew ${1} ${LOGNAME}"

%1240 ALL=(ALL) NOPASSWD: PC1240

Thanks.

EDIT:

Screw this. I'm going to write a wrapper that calls the script and just set the SUID bit on the wrapper program.

trickykid 08-27-2008 02:36 PM

After the NOPASSWD: instead of PC1240, try adding ALL.

davidstvz 08-27-2008 06:09 PM

I've gotten this working now. Here is what I did (with the help of people here) for future reference:

The trick was to use the following in the visudo file (with the things in caps being unique identifiers of your choice)

Cmnd_Alias CMD_NAME = /absolute/path/to/script.scr, /as/necessary/more/scripts.scr

Then also runas:

Runas_Alias RUNAS_NAME = user1, user2, user3

Then at the bottom:

%group ALL=(RUNAS_NAME) NOPASSWD: CMD_NAME



Finally, in the script file itself, I needed to use the syntax

sudo -u usertoswitchto ./script.scr arg1 arg2

unSpawn 08-27-2008 06:27 PM

Quote:

Originally Posted by trickykid (Post 3261810)
After the NOPASSWD: instead of PC1240, try adding ALL.

Regardless if used only for testing purposes or not, that effectively disables any fine-grained control Sudo allows. Are you sure that's sound advice?
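
Added example, not part of the original thread: a small Python check that reads a sudoers fragment and flags the rule shapes discussed above, namely a `(ALL)` run-as target, `NOPASSWD: ALL`, and shell variables inside a command (sudoers does not expand them). The names `audit` and `expand`, the finding labels and the sample text are assumptions made for the example, and the parser covers only single-line `Cmnd_Alias`, `Runas_Alias` and user rules with at most one `NOPASSWD:` tag.

```python
import re

# Constructed sample: the three rule shapes that appear in this thread.
SAMPLE = """\
Cmnd_Alias PC1240 = /bin/su - priv_user -c "${classbin}/pcnew ${1} ${LOGNAME}"
Cmnd_Alias CMD_NAME = /absolute/path/to/script.scr
Runas_Alias RUNAS_NAME = user1, user2, user3
%1240 ALL=(ALL) NOPASSWD: PC1240
%1240 ALL=(ALL) NOPASSWD: ALL
%group ALL=(RUNAS_NAME) NOPASSWD: CMD_NAME
"""

ALIAS = re.compile(r"^(Cmnd_Alias|Runas_Alias)\s+(\w+)\s*=\s*(.+)$")
RULE = re.compile(r"^(\S+)\s+\S+\s*=\s*(?:\(([^)]*)\))?\s*(NOPASSWD:)?\s*(.+)$")


def expand(text, table):
    """Split a comma-separated list and replace alias names by their members."""
    out = []
    for item in (part.strip() for part in text.split(",")):
        out += table.get(item, [item]) if item else []
    return out


def audit(sudoers_text):
    """Return (line_number, finding) pairs for a simplified sudoers fragment."""
    aliases = {"Cmnd_Alias": {}, "Runas_Alias": {}}
    rules = []
    for n, line in enumerate(sudoers_text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith(("#", "Defaults")):
            continue
        m = ALIAS.match(line)
        if m:
            aliases[m.group(1)][m.group(2)] = expand(m.group(3), {})
            continue
        m = RULE.match(line)
        if m:
            rules.append((n,) + m.groups())
    findings = []
    for n, _who, runas, nopasswd, cmds in rules:
        commands = expand(cmds, aliases["Cmnd_Alias"])
        if "ALL" in expand(runas or "root", aliases["Runas_Alias"]):
            findings.append((n, "runas-all"))        # any target user, root included
        if nopasswd and "ALL" in commands:
            findings.append((n, "nopasswd-all"))     # every command, no password
        if any("$" in c for c in commands):
            findings.append((n, "shell-variable"))   # sudoers does not expand these
    return findings
```

Calling `audit(SAMPLE)` reports lines 4 and 5 of the sample and returns nothing for the final `%group` rule, which names both the target users and the command.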

