03-12-2008
Sudo for a command
I am trying to set up sudo for a command, but do not want to specify the arguments that can be passed into it. I want the user who is using sudo to be able to pass in the arguments they want. I am fairly sure I know how to do this with RBAC in Solaris 10, but for reasons I will not get into I cannot use RBAC.
In summary, is there a way to set up sudo so the user can get at a command like /usr/sbin/projadd but be able to pass in their own arguments to it?
TIA.
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hi,
can any one of you help me how to run sudo commands/scripts remotely... (2 Replies)
Discussion started by: pvamsikr
2 Replies
2. Shell Programming and Scripting
Hello everybody,
Say I forgot my root password (shit happens, no?) and I'd like to brutally try 100 possibilities to delete a file using sudo. How can I make a script that tries all the passwords?
The following doesn't work. Do you have a clue?
foo:~$ cat test
sudo rm dummy <<< 'password'
echo... (1 Reply)
Discussion started by: chebarbudo
1 Replies
3. UNIX for Advanced & Expert Users
Hi All,
I am tring to redirect mails comming to my user id to a script. In other word trigger a script when a mail comes to my user id.
Actually , Admin team has done all this to me previously. in my script i am doing like
/usr/local/bin/sudo -u parbrxs /export/home/parbrxs/bin/parbrxs.sh... (4 Replies)
Discussion started by: mindtee_abhi
4 Replies
4. UNIX for Advanced & Expert Users
Hello,
What does the below sudo command provide access to, does it allow a user to su to any other user except root.
sudo !/usr/bin/su * (1 Reply)
Discussion started by: sophos
1 Replies
5. UNIX for Dummies Questions & Answers
Hi! I'm very new to unix, so please keep that in mind with the level of language used if you choose to help :D Thanks!
When attempting to use sudo on and AIX machine with oslevel 5.1.0.0, I get the following error:
exec(): 0509-036 Cannot load program sudo because of the following errors:... (1 Reply)
Discussion started by: Chloe123
1 Replies
6. UNIX for Dummies Questions & Answers
Hi, this is my first time posting here and am new to linux/unix. So here is my question.
I have two user account and a root account.
root
user account 1:calchen1
user account2: calchen2
Now i want to use the sudo utility to allows user to run programs with the privileges of another... (1 Reply)
Discussion started by: coolcalin812
1 Replies
7. UNIX for Dummies Questions & Answers
Hi,
I have few doubts regarding "sudo" command. It acutally allows access to other commands as a different user. It stands for "superuser do".
Now, we execute a command as
sudo su - oracle
Can you please tell me what does it do actually, thank you. (6 Replies)
Discussion started by: Dev_Dev
6 Replies
8. Red Hat
I am wondering how to use SUDO command to allow only my account to run mount command as root. I have root privilege.:confused: (4 Replies)
Discussion started by: almirzaee
4 Replies
9. Shell Programming and Scripting
I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this:
#!/bin/bash
rsync /path/on/local/machine/ foo.com:path/on/remote/machine/
ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies
10. UNIX for Dummies Questions & Answers
Hi there,
I'm trying to setup sudo privileges for a user, Oracle in this case, to run Unix commands like mv,chmod, chown, mkdir, rmdir against their own set of commands or scripts.
Is there an easier way to do this than to give Unix commands for each of their respective commands as shown below... (2 Replies)
Discussion started by: mbak
2 Replies
LEARN ABOUT DEBIAN
gradm2
GRADM(8) System Manager's Manual GRADM(8)
NAME
gradm - Administration program for the grsecurity RBAC system
SYNOPSIS
gradm [ -E ] [ -R ] [ -C ] [ -F ] [ -L <logfile> ] [ -O <filename|stream> ] [ -M <filename|uid> ] [ -D ] [ -P [rolename] ] [ -a <rolename>
] [ -n <rolename> ] [ -p <rolename> ] [ -u ] [ -V ] [ -h ] [ -v ]
DESCRIPTION
gradm is the userspace RBAC parsing and authentication program for grsecurity
grsecurity aims to be a complete security system for Linux 2.4. gradm performs several tasks for the RBAC system including authenticated
via a password to the kernel and parsing rules to be passed to the kernel.
OPTIONS
All options to gradm are mutually exclusive, except for -L and -O.
-E Enable the RBAC system
-R Reload the RBAC system (only valid while in admin mode)
-C Perform a check of the RBAC policy, running the same analysis against it that is performed when enabling.
-F Toggle full learning mode. If used only with -L, it enables the RBAC system in full learning mode. If used with -L and -O, it
parses the full learning logs and generates a complete ruleset.
-M <filename|uid>
Remove an execution ban on a given uid or filename that has been put in place by the RES_CRASH resource restriction of the RBAC sys-
tem.
-L <logfile>
Parses the learning logs. Accepts an argument which specifies the logfile to scan for the learning logs. If "-" is specified as
the logfile, stdin will be used as the learning log. This option can be used with -E, -O, or -F.
-O <filename|stream>
Specifies output mode. Requires a single argument that can be "stdout", "stderr", or a regular file. Only used with -L or -F.
-D Disable the RBAC system
-P [rolename]
Without an argument, it sets the password for administering the RBAC system. With a role name as an argument, it sets the password
for that given special role.
-a <rolename>
Authenticate to a special role that requires a password.
-n <rolename>
Authenticate to a special role that does not require a password.
-p <rolename>
Authenticate through PAM to a special role.
-u Removes yourself from your current special role, reverting back to the normal role selection. To be used, for instance, for logging
out of an admin role without exiting your shell.
-V Displays verbose policy statistics when enabling the RBAC system or checking the RBAC policy. Can only be used with -C, -E, or -F
-L <filename>
-h Display help information
-v Print version information and exit
REPORTING BUGS
Please include as much information as possible(using any available debugging options) and send bug reports for gradm or the grsecurity RBAC
system to spender@grsecurity.net.
AUTHOR
grsecurity and gradm were created and are maintained by Brad Spengler <spender@grsecurity.net>
GRADM(8)