Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: sudo /bin/sh or sudo su -
Special Forums Cybersecurity sudo /bin/sh or sudo su - Post 302438120 by robsonde on Sunday 18th of July 2010 11:34:59 PM
Old 07-19-2010
sudo /bin/sh or sudo su -
we are looking at changing the way we get root on our network.

in our current system if an admin needs root access he just gets the root password and uses an su.

some of our staff have decided that a sudo to "/bin/sh" will be easer.
some of our staff think a sudo to "su -" will be better.
I feel that we should stick with root passwords.



what are the thoughts out there?






some background on our network that maybe of interest.
* we have a team of 9 unix admins who use root quite a lot.
* we have about 600 servers, solaris and HPUX.
* root passwords are kept in a password vault system that needs the user password to access.
* root passwords are changed every 6 months.
* our version of sudo is NOT standard, it can't be setup to let user sudo any command, it has to be setup for each and every command.
* auditing is not a big issue for us.
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

sudo and su -

Hello The sudo is a "su" or "su -"? (i.e. it takes the user's profile also?) or is it me who define this? thanks (1 Reply)
Discussion started by: melanie_pfefer
1 Replies

2. UNIX for Dummies Questions & Answers

Problems with Alias, /bin/sh and sudo

'exec /bin/sh' breaks alias -------------------------------------------------------------------------------- I have an application that requires su to root in order to run some commands. Unfortunately, my corporate policy only allows sudo so I created an alias in .profile as "alias su="su... (0 Replies)
Discussion started by: stulincoln
0 Replies

3. UNIX for Dummies Questions & Answers

Unable to use the Sudo command. "0509-130 Symbol resolution failed for sudo because:"

Hi! I'm very new to unix, so please keep that in mind with the level of language used if you choose to help :D Thanks! When attempting to use sudo on and AIX machine with oslevel 5.1.0.0, I get the following error: exec(): 0509-036 Cannot load program sudo because of the following errors:... (1 Reply)
Discussion started by: Chloe123
1 Replies

4. Shell Programming and Scripting

sudo and sudo sh

Hello, I'm TOTALLY NEW to Unix. I just want to ask about what do those two commands in a SIMPLE NON-FORMAL mean: sudo sudo sh Thanks. (1 Reply)
Discussion started by: SWEngineer
1 Replies

5. AIX

sudo log and sudo auditing

Sudo In AIX, how to find out what commands have been run after a user sudo to another user? for example, user sam run 'sudo -u robert ksh' then run some commands, how can I (as root) find what commands have been run? sudo.log only contains sudo event, no activity logging. (3 Replies)
Discussion started by: jalite19
3 Replies

6. Shell Programming and Scripting

ssh foo.com sudo command - Prompts for sudo password as visible text. Help?

I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this: #!/bin/bash rsync /path/on/local/machine/ foo.com:path/on/remote/machine/ ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies

7. Shell Programming and Scripting

sudo: sorry, you must have a tty to run sudo

Hi All, I running a unix command using sudo option inside shell script. Its working well. But in crontab the same command is not working and its throwing "sudo: sorry, you must have a tty to run sudo". I do not have root permission to add or change settings for my userid. I can not even ask... (9 Replies)
Discussion started by: Apple1221
9 Replies

8. Shell Programming and Scripting

sudo: sorry, you must have a tty to run sudo

Hi, Have a need to run the below command as a "karuser" from a java class which will is running as "root" user. When we are trying to run the below command from java code getting the below error. Command: sudo -u karuser -s /bin/bash /bank/karunix/bin/build_cycles.sh Error: sudo: sorry,... (8 Replies)
Discussion started by: Satyak
8 Replies

9. Red Hat

Sudo to user other than root but do not allow sudo to root

I have a set of RHEL 5 boxes running our ERP software on Oracle databases. I need to allow my DBA's to su to oracle and one other account (banner) without knowing the oracle or banner password. But I need to prevent them from su'ing to any other user especially root. I only want them to be able to... (1 Reply)
Discussion started by: westmoreland
1 Replies

LEARN ABOUT DEBIAN

su-to-root

su-to-root(1)						      Debian GNU/Linux manual						     su-to-root(1)

NAME

       su-to-root - A simple script to give an `interactive' front-end to su.  It can be used in menu entry commands to ask for the root password

SYNOPSIS

       su-to-root [-X] [-p <user>] -c <command>

DESCRIPTION

       Most  menu  entries  simply  start an editor or a game or whatever. But some menu entries would like to give the user the ability to change
       important settings in the system, that require root privileges.	su-to-root can be used to ask for the root password.

OPTIONS

       -c <command>
	      The command to execute as a string. This option is mandatory.

       -p <user>
	      The name of the user to change to, instead of root.

       -X     The command is a X11 program that does not require a terminal.  This is to be used with menu entries that declare needs="X11".

ENVIRONMENT

       SU_TO_ROOT_X
	      Select the su-like program called by su-to-root -X.  Supported values are gksu, kdesu, kde4su, ktsuss,
	       sux, gksudo and kdesudo.  kde4su denotes the KDE4 version of kdesu.

	      When this variable is not set su-to-root will currently try to use gksu, kdesu, kde4su, ktsuss, sux and the built-in code,  in  that
	      order with the exception that under a KDE session, kdesu and kde4su are prefered over gksu.

	      The exact set of programs to try and their order is subject to change without notice.

       SU_TO_ROOT_SU
	      Select the su-like program used in text mode.  Supported values are sudo, sux and su, the later being the default.

FILES

       /etc/su-to-rootrc

       ~/.su-to-rootrc
	      su-to-root will source these files at startup in this order. This lets you define and modify the environment variables above without
	      restarting your X session.

COPYING

       su-to-root is distributed under the GNU General Public License.	(GPL 2.0 or greater).

AUTHORS

       Joost Witteveen <joostje@debian.org>

       X11 support by Morten Brix Pedersen and Bill Allombert <ballombe@debian.org>

SEE ALSO

       update-menus(1), menufile(5), /usr/share/doc/menu/html

Debian Project							  20 October 1998						     su-to-root(1)
All times are GMT -4. The time now is 06:41 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy