Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Shellscript not executing further after sudo over a user
Top Forums Shell Programming and Scripting Shellscript not executing further after sudo over a user Post 302773513 by adityam on Thursday 28th of February 2013 06:03:41 AM
Old 02-28-2013
Shellscript not executing further after sudo over a user
Hi,

I am writing a switch case statement and one of the option contains sudo to a particular user and then perform some steps after that but my script is unable to proceed with further execution after doing sudo over the user. Could you please suggest an workaround for this.
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Shellscript to Sudo other account

Hi, I have to write a shell script to sudo other account. Foreg, i am working in account ramdev1, i have a sudo access where through shell script i need to sudo another account ramdev2 and read a file "ram.inc" get those data and save it in a .txt file and return it? Since i am new to... (21 Replies)
Discussion started by: sachin.tendulka
21 Replies

2. UNIX for Dummies Questions & Answers

scp with a sudo user

Morning guys, I'm hoping you can advise me as to whether or not the following is possible. Is there a way of firing off an scp command with a sudo user as the user? e.g. I am logged onto server1 as smith, but want to pull files from server2 that I can only read as sudo jones. In my mind it... (3 Replies)
Discussion started by: dlam
3 Replies

3. Linux

Sudo user vs RBAC

Hi all, What the difference between the sudo users & RBAC when the talk of effects after doing the above comes??? any differences between them ,kindly list ?? (1 Reply)
Discussion started by: saurabh84g
1 Replies

4. AIX

sudo user access

I have installed sudo on AIX 6100-04 and want to know how do I set it up for a user to be able to run only some commands? I want to give the user the rights to only cd to certain directories and run the ls command to name a few? Are there any issues with running sudo when the user is forced to... (2 Replies)
Discussion started by: daveisme
2 Replies

5. Shell Programming and Scripting

how to write a shellscript to send a mail alert to the website user based on license expiration time

hi, i am very much new to shell scripting i have a requirement that i have to develop a License Renewal Alert system that has to give a alert mail to the users before 30days of user account expiration, by checking expiration date of the user with the data base, this system will... (0 Replies)
Discussion started by: deepu_Shscripts
0 Replies

6. UNIX for Dummies Questions & Answers

sudo user

I am trying to run a command from different user on my server. However when i execute the command it asks for password can you please help. when i use this command to switch user no password is required 1) sudo su - bilbtf42 when i use 2) sudo su - bilbtf42 cp file1 direcotry1/file1 ... (3 Replies)
Discussion started by: blackeyed
3 Replies

7. UNIX for Dummies Questions & Answers

sudo su - USER ??? How to??

Hi folks, Here is my question of the day 8-) I have to provide the ability to sudo su - orapd2 & sudo su - pd2adm for the following people User A, B, C, D which all of them are part of the group staff. orapd2 and pd2adm are also users. Users A, B, C, D should not type the password for... (2 Replies)
Discussion started by: 300zxmuro
2 Replies

8. Shell Programming and Scripting

sudo su - user not working

Hi All, I need your expertise to solve my problem, my account has permission to make sudo and su but when I try to switch user in a shell, it does not work with following message: "Sorry, user jmbeltra is not allowed to execute '/usr/bin/su -c echo HELLO THERE - oracle' as root on dbbr1k01" I... (4 Replies)
Discussion started by: Axtel
4 Replies

9. AIX

Sudo to other user

Hello All, I am trying to grant sudo privileges to a set of users (say tom and jerry) to sudo to another set of users (jim, harry). This is because we don't want to disclose the password of jim and harry. I did defined the user_alias and runas alias. %wms ALL = (USR) /usr/bin/su -, where wms... (7 Replies)
Discussion started by: ibmtech
7 Replies

10. Shell Programming and Scripting

Executing bash file with sudo for the second time, leads to permission denied, for some commands

I have a script that checks if the script has been ran with sudo. If the script is not ran as sudo, the current script is being executed with exec sudo bash. You are asked for a password, you type in the password, success. Everything is perfect - the commands inside the script are ran as sudo.... (1 Reply)
Discussion started by: boqsc
1 Replies

LEARN ABOUT CENTOS

sssd-sudo

SSSD-SUDO(5)						   File Formats and Conventions 					      SSSD-SUDO(5)

NAME

       sssd-sudo - Configuring sudo with the SSSD back end

DESCRIPTION

       This manual page describes how to configure sudo(8) to work with sssd(8) and how SSSD caches sudo rules.

CONFIGURING SUDO TO COOPERATE WITH SSSD

       To enable SSSD as a source for sudo rules, add sss to the sudoers entry in nsswitch.conf(5).

       For example, to configure sudo to first lookup rules in the standard sudoers(5) file (which should contain rules that apply to local users)
       and then in SSSD, the nsswitch.conf file should contain the following line:

	   sudoers: files sss

       More information about configuring the sudoers search order from the nsswitch.conf file as well as information about the LDAP schema that
       is used to store sudo rules in the directory can be found in sudoers.ldap(5).

       Note: in order to use netgroups or IPA hostgroups in sudo rules, you also need to correctly set nisdomainname(1) to your NIS domain name
       (which equals to IPA domain name when using hostgroups).

CONFIGURING SSSD TO FETCH SUDO RULES

       All configuration that is needed on SSSD side is to extend the list of services with "sudo" in [sssd] section of sssd.conf(5). To speed up
       the LDAP lookups, you can also set search base for sudo rules using ldap_sudo_search_base option.

       The following example shows how to configure SSSD to download sudo rules from an LDAP server.

	   [sssd]
	   config_file_version = 2
	   services = nss, pam, sudo
	   domains = EXAMPLE

	   [domain/EXAMPLE]
	   id_provider = ldap
	   sudo_provider = ldap
	   ldap_uri = ldap://example.com
	   ldap_sudo_search_base = ou=sudoers,dc=example,dc=com

       When the SSSD is configured to use IPA as the ID provider, the sudo provider is automatically enabled. The sudo search base is configured
       to use the compat tree (ou=sudoers,$DC).

THE SUDO RULE CACHING MECHANISM

       The biggest challenge, when developing sudo support in SSSD, was to ensure that running sudo with SSSD as the data source provides the same
       user experience and is as fast as sudo but keeps providing the most current set of rules as possible. To satisfy these requirements, SSSD
       uses three kinds of updates. They are referred to as full refresh, smart refresh and rules refresh.

       The smart refresh periodically downloads rules that are new or were modified after the last update. Its primary goal is to keep the
       database growing by fetching only small increments that do not generate large amounts of network traffic.

       The full refresh simply deletes all sudo rules stored in the cache and replaces them with all rules that are stored on the server. This is
       used to keep the cache consistent by removing every rule which was deleted from the server. However, full refresh may produce a lot of
       traffic and thus it should be run only occasionally depending on the size and stability of the sudo rules.

       The rules refresh ensures that we do not grant the user more permission than defined. It is triggered each time the user runs sudo. Rules
       refresh will find all rules that apply to this user, check their expiration time and redownload them if expired. In the case that any of
       these rules are missing on the server, the SSSD will do an out of band full refresh because more rules (that apply to other users) may have
       been deleted.

       If enabled, SSSD will store only rules that can be applied to this machine. This means rules that contain one of the following values in
       sudoHost attribute:

       o   keyword ALL

       o   wildcard

       o   netgroup (in the form "+netgroup")

       o   hostname or fully qualified domain name of this machine

       o   one of the IP addresses of this machine

       o   one of the IP addresses of the network (in the form "address/mask")

       There are many configuration options that can be used to adjust the behavior. Please refer to "ldap_sudo_*" in sssd-ldap(5) and "sudo_*" in
       sssd.conf(5).

SEE ALSO

       sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-sudo(5),sss_cache(8), sss_debuglevel(8),
       sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_useradd(8), sss_userdel(8), sss_usermod(8), sss_obfuscate(8),
       sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8),pam_sss(8).

AUTHORS

       The SSSD upstream - http://fedorahosted.org/sssd

SSSD
								    06/17/2014							      SSSD-SUDO(5)
All times are GMT -4. The time now is 08:57 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy