04-04-2008
Sudoers problems.
Hi!
I'm trying to come up with a way for me to automate some processes. I have to do this via ssh. What I'm trying to do is have "box A" connect to "box B" as "user A" and execute a command as "user B" (sudoer). It needs to be done this way because of auditing and security policy. This is on Solaris 8
Here's how I have it setup now:
Box A has connectivity to box B
User A has logins on both box A and box B
User A connects to box B from box A and sudo's to user B
Here's what I have in the sudoers file:
User_Alias USERA = userA
Cmnd_Alias SU_USERA = /usr/bin/su - userB
USERA ALL = NOPASSWD: SU_USERA
So, I connect to box A and type:
ssh -t boxB "sudo su - userB /opt/rah/rah/rah/command.sh" >> /some/log/dir
It either doesn't change the user or it asks for a password. The script keeps a log in a directory owned by userB and, if it doesn't change the user, it says "cannot create, permission denied". Otherwise it sits there asking for a password. I've tried putting the full command in sudoers and that doesn't work. Anyone have ideas? Btw, this will eventually be put under Autosys control.
Thanks!
Last edited by blane; 04-04-2008 at 02:57 PM..
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Having a "running low on coffee" moment here & need help.
On HP 11.11 where is the sudoers file located; I looked every place I could think of and don't see it.
Thanks in advance:confused: (2 Replies)
Discussion started by: dhlopomo
2 Replies
2. Solaris
Hi,
on solaris 10, I have two users : user1 and user2
I want to create User_Alias and Cmnd_Alias to allow them to execute a command without prompting for sudo password.
command I want these users should be able to run is '/usr/bin/su - abcd' . Also user1 and 2 need not type the 'abcd'... (6 Replies)
Discussion started by: upengan78
6 Replies
3. UNIX for Advanced & Expert Users
We have users that have a # in their username. Sudo is working on some servers and not others. I have narrowed it down to the # in their username. Any suggestions or ideas why it is working on 1 server but not another.
Server not working is - Solaris 10 patch level 138888-01
Server working is ... (1 Reply)
Discussion started by: Gibby13
1 Replies
4. UNIX for Advanced & Expert Users
I'm stuck with a dilemma. I am trying to control userid's access to the su command in such a way that he will not be able to su to root (su, su -, su root, su - root) but he will be able to su to any other user. I have tried the following syntax:
userid ALL=/usr/bin/su ?*, !/usr/bin/su *root*... (2 Replies)
Discussion started by: chuckuykendall
2 Replies
5. UNIX for Dummies Questions & Answers
i just installed/configured apache2.0 on my own aix5.3 mini server. i can start/stop apache by root, but i want to start it under my login id(admin) instead.
i need to execute this command:
/usr/bin/sudo /usr/IBM/HTTPServer/bin/apachectl stop/start. (5 Replies)
Discussion started by: tjmannonline
5 Replies
6. UNIX and Linux Applications
Greetings!! I am attempting to solve a rather thorny issue and I was hoping that someone might have some insight into what is going on here..
At this point I have an openLDAP server that is working quite splendidly! :)
I have a working directory with users able to authenticate it and TLS... (2 Replies)
Discussion started by: bluethundr
2 Replies
7. Solaris
this is for the first time i am going to use sudoers i want know how to create sudoers and giving privileges for that users
thanks in advance
dinu (6 Replies)
Discussion started by: dinu
6 Replies
8. Solaris
what is the configuration file for sudo? can we edit it as like other file or will it create any adverse effect on editing that file?
thanks in advance
dinu (1 Reply)
Discussion started by: dinu
1 Replies
9. Solaris
In the sudoers file in Solaris...
I am trying to limit the DEVELOPER user privileges to where those users can only use the “rm” command in certain directories. This is to prevent them from deleting directories or files and destroying a server. I want them to be able to use the "rm" command but... (1 Reply)
Discussion started by: nzonefx
1 Replies
10. Solaris
Having a bit of a discussion with a software vendor about this. Can anyone confirm my understanding?
/etc/sudoers file example:-
user1 server1 = NOPASSWD:/usr/bin/ls -l
user1 server1 = NOPASSWD:/usr/bin/file
But then the following command fails (logged in on server 1 as user1) because... (2 Replies)
Discussion started by: psychocandy
2 Replies
LEARN ABOUT DEBIAN
box2_6
Box(3I) InterViews Reference Manual Box(3I)
NAME
Box, HBox, VBox - tile interactors in a box
SYNOPSIS
#include <InterViews/box.h>
DESCRIPTION
A box is a scene of interactors that are tiled side-by-side in the available space. Interactors are placed left-to-right in a horizontal
box, and top-to-bottom in a vertical box.
A box will try to stretch or shrink the interactors inside it to fit the available space. The natural size of a box is the sum of its ele-
ments along the major axis, and the maximum along its minor axis. A box's stretchability (shrinkability) is the sum of its elements along
its major axis and the minimum of its elements along its minor axis.
PUBLIC OPERATIONS
HBox(...)
VBox(...)
Create a new box. Zero to seven interactors may be passed as arguments; the interactors are inserted into the box.
void Align(Alignment)
Set the alignment mode that the box uses to place elements along the minor axis. The default alignment for an hbox is Bottom; other
choices are Top and Center. The default alignment for a vbox is Left; other choices are Right and Center.
void Insert(Interactor*)
Append an interactor to the box. Components of an hbox (vbox) will appear left-to-right (top-to-bottom) in the order in which they
are inserted.
void Change(Interactor*)
Notify the box that the given interactor's shape has changed. If change propagation is true, the box will modify its own shape to
reflect the change and notify its parent. Regardless of propagation, the box will recompute the positions of the component interac-
tors and update any that have changed.
void Remove(Interactor*)
Take an element of out a box. Remove does not cause any immediate change to the other components in the box; the Change operation
must be called after one or more Removes to update the component positions.
SEE ALSO
Glue(3I), Interactor(3I), Scene(3I), Shape(3I)
InterViews 15 June 1987 Box(3I)