Greetings all,

I'm interested in knowing more about setting up the sudoers file... hope to receive some advice here.

Let's say that I have 3 users, with usernames user1, user2 and user3. The following rules would apply for each user:

user1 can only use the command ksh a.sh to launch himself into the a.sh shell script.

user2 can only use the command ksh b.sh ABC to launch himself into the b.sh shell script. The 3rd argument (or parameter) must strictly be the string "ABC", else we should deny access.

user3 can only use the command ksh b.sh DEF to launch himself into the b.sh shell script. The 3rd argument (or parameter) must strictly be the string "DEF", else we should deny access.

What are the declarations that I should make in the sudoer file for each of the 3 users?

Thanks in advance.

1. add the below line at the top of scripts a.sh and b.sh(check exact path of ksh on your system) to avoid using ksh to run the scipts.

#!/usr/bin/ksh

2. put the scripts alongwith arguments into another script:

echo "b.sh ABC" >/sbin/user2_script.sh;chmod +x /sbin/user2_script.sh
echo "b.sh DEF" >/sbin/user3_script.sh; chmod +x /sbin/user3_script.sh


3. add the below entries to sudoers file:


user1 ALL = NOPASSWD: /sbin/a.sh (whatever path exactly on your system)
user2 ALL = NOPASSWD: /sbin/user2_script.sh
user3 ALL = NOPASSWD: /sbin/user3_script.sh



DONE