|
|
Sponsored Content
Top Forums
Shell Programming and Scripting
Shellscript not executing further after sudo over a user
Post 302773525 by Vikram_Tanwar12 on Thursday 28th of February 2013 06:42:35 AM
02-28-2013
|
|
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hi,
I have to write a shell script to sudo other account. Foreg,
i am working in account ramdev1, i have a sudo access where through shell script i need to sudo another account
ramdev2 and read a file "ram.inc" get those data and save it in a .txt file and return it?
Since i am new to... (21 Replies)
Discussion started by: sachin.tendulka
21 Replies
2. UNIX for Dummies Questions & Answers
Morning guys, I'm hoping you can advise me as to whether or not the following is possible.
Is there a way of firing off an scp command with a sudo user as the user?
e.g. I am logged onto server1 as smith, but want to pull files from server2 that I can only read as sudo jones.
In my mind it... (3 Replies)
Discussion started by: dlam
3 Replies
3. Linux
Hi all,
What the difference between the sudo users & RBAC when the talk of effects after doing the above comes???
any differences between them ,kindly list ?? (1 Reply)
Discussion started by: saurabh84g
1 Replies
4. AIX
I have installed sudo on AIX 6100-04 and want to know how do I set it up for a user to be able to run only some commands? I want to give the user the rights to only cd to certain directories and run the ls command to name a few? Are there any issues with running sudo when the user is forced to... (2 Replies)
Discussion started by: daveisme
2 Replies
5. Shell Programming and Scripting
how to write a shellscript to send a mail alert to the website user based on license expiration time
hi,
i am very much new to shell scripting i have a requirement that i have to develop a License Renewal Alert system
that has to give a alert mail to the users before 30days of user account expiration, by checking expiration date of the user with the data base, this system will... (0 Replies)
Discussion started by: deepu_Shscripts
0 Replies
6. UNIX for Dummies Questions & Answers
I am trying to run a command from different user on my server. However when i execute the command it asks for password can you please help.
when i use this command to switch user no password is required
1) sudo su - bilbtf42
when i use
2) sudo su - bilbtf42 cp file1 direcotry1/file1
... (3 Replies)
Discussion started by: blackeyed
3 Replies
7. UNIX for Dummies Questions & Answers
Hi folks,
Here is my question of the day 8-)
I have to provide the ability to sudo su - orapd2 & sudo su - pd2adm for the following people
User A, B, C, D which all of them are part of the group staff.
orapd2 and pd2adm are also users. Users A, B, C, D should not type the password for... (2 Replies)
Discussion started by: 300zxmuro
2 Replies
8. Shell Programming and Scripting
Hi All, I need your expertise to solve my problem, my account has permission to make sudo and su but when I try to switch user in a shell, it does not work with following message:
"Sorry, user jmbeltra is not allowed to execute '/usr/bin/su -c echo HELLO THERE - oracle' as root on dbbr1k01"
I... (4 Replies)
Discussion started by: Axtel
4 Replies
9. AIX
Hello All,
I am trying to grant sudo privileges to a set of users (say tom and jerry) to sudo to another set of users (jim, harry). This is because we don't want to disclose the password of jim and harry.
I did defined the user_alias and runas alias.
%wms ALL = (USR) /usr/bin/su -, where wms... (7 Replies)
Discussion started by: ibmtech
7 Replies
10. Shell Programming and Scripting
I have a script that checks if the script has been ran with sudo.
If the script is not ran as sudo, the current script is being executed with exec sudo bash.
You are asked for a password, you type in the password, success. Everything is perfect - the commands inside the script are ran as sudo.... (1 Reply)
Discussion started by: boqsc
1 Replies
LEARN ABOUT CENTOS
pam_ssh_agent_auth
pam_ssh_agent_auth(8) PAM pam_ssh_agent_auth(8) PAM_SSH_AGENT_AUTH This module provides authentication via ssh-agent. If an ssh-agent listening at SSH_AUTH_SOCK can successfully authenticate that it has the secret key for a public key in the specified file, authentication is granted, otherwise authentication fails. SUMMARY
/etc/pam.d/sudo: auth sufficient pam_ssh_agent_auth.so file=/etc/security/authorized_keys /etc/sudoers: Defaults env_keep += "SSH_AUTH_SOCK" This configuration would permit anyone who has an SSH_AUTH_SOCK that manages the private key matching a public key in /etc/security/authorized_keys to execute sudo without having to enter a password. Note that the ssh-agent listening to SSH_AUTH_SOCK can either be local, or forwarded. Unlike NOPASSWD, this still requires an authentication, it's just that the authentication is provided by ssh-agent, and not password entry. ARGUMENTS
file=<path to authorized_keys> Specify the path to the authorized_keys file(s) you would like to use for authentication. Subject to tilde and % EXPANSIONS (below) allow_user_owned_authorized_keys_file A flag which enables authorized_keys files to be owned by the invoking user, instead of root. This flag is enabled automatically whenever the expansions %h or ~ are used. debug A flag which enables verbose logging sudo_service_name=<service name you compiled sudo to use> (when compiled with --enable-sudo-hack) Specify the service name to use to identify the service "sudo". When the PAM_SERVICE identifier matches this string, and if PAM_RUSER is not set, pam_ssh_agent_auth will attempt to identify the calling user from the environment variable SUDO_USER. This defaults to "sudo". EXPANSIONS
~ -- same as in shells, a user's Home directory Automatically enables allow_user_owned_authorized_keys_file if used in the context of ~/. If used as ~user/, it would expect the file to be owned by 'user', unless you explicitely set allow_user_owned_authorized_keys_file %h -- User's Home directory Automatically enables allow_user_owned_authorized_keys_file %H -- The short-hostname %u -- Username %f -- FQDN EXAMPLES
in /etc/pam.d/sudo "auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys" The default .ssh/authorized_keys file in a user's home-directory "auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys" Same as above. "auth sufficient pam_ssh_agent_auth.so file=~fred/.ssh/authorized_keys" If the home-directory of user 'fred' was /home/fred, this would expand to /home/fred/.ssh/authorized_keys. In this case, we have not specified allow_user_owned_authorized_keys_file, so this file must be owned by 'fred'. "auth sufficient pam_ssh_agent_auth.so file=/secure/%H/%u/authorized_keys allow_user_owned_authorized_keys_file" On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar/fred/authorized_keys. In this case, we specified allow_user_owned_authorized_keys_file, so fred would be able to manage that authorized_keys file himself. "auth sufficient pam_ssh_agent_auth.so file=/secure/%f/%u/authorized_keys" On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar.baz.com/fred/authorized_keys. In this case, we have not specified allow_user_owned_authorized_keys_file, so this file must be owned by root. v0.8 2009-08-09 pam_ssh_agent_auth(8)