Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Sudo to other user
Operating Systems AIX Sudo to other user Post 302848251 by bakunin on Wednesday 28th of August 2013 10:42:35 PM
Old 08-28-2013
If i am not mistaken you can include user groups in the User_Alias definition. If you have already a Unix group for this i suggest you use this instead of specifying another group in the sudoers file. This is easier to maintain.

If you want to switch to another user you have to use the "su" command as "root", sudos complaint was basically that you have no rule defining such a privilege for the users you want to be able to become other users. A "Runas_Alias" defines the (effective) user (ID) under which to run the command. You have allowed all users in JDA to run all commands as one of the users in DA - certainly not what you wanted. (To test my assumption: try "sudo -u emstst /bin/ls" as user "kwalker". This should work - you have run "/bin/ls" under the effective user ID of emstst.)

Delete the Runas_Alias. Define a Cmnd_Alias with the commands "su - wmstst", "su - modtst", etc., then allow the user "User_Alias-Name" to run command "Cmnd_Alias-Name" as root. This should work.

I hope this helps.

bakunin
This User Gave Thanks to bakunin For This Post:
ibmtech
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

scp with a sudo user

Morning guys, I'm hoping you can advise me as to whether or not the following is possible. Is there a way of firing off an scp command with a sudo user as the user? e.g. I am logged onto server1 as smith, but want to pull files from server2 that I can only read as sudo jones. In my mind it... (3 Replies)
Discussion started by: dlam
3 Replies

2. Linux

Sudo user vs RBAC

Hi all, What the difference between the sudo users & RBAC when the talk of effects after doing the above comes??? any differences between them ,kindly list ?? (1 Reply)
Discussion started by: saurabh84g
1 Replies

3. AIX

Run sudo to another user

Run sudo to another user . I have two users in my AIX system appadmin (Application admin ) and appuser (Application user) Application Admin user has special permission to run every thing about this application. I have one script called /usr/app.sh Only appadmin has permission to run this... (11 Replies)
Discussion started by: Mr.AIX
11 Replies

4. AIX

sudo user access

I have installed sudo on AIX 6100-04 and want to know how do I set it up for a user to be able to run only some commands? I want to give the user the rights to only cd to certain directories and run the ls command to name a few? Are there any issues with running sudo when the user is forced to... (2 Replies)
Discussion started by: daveisme
2 Replies

5. UNIX for Dummies Questions & Answers

sudo user

I am trying to run a command from different user on my server. However when i execute the command it asks for password can you please help. when i use this command to switch user no password is required 1) sudo su - bilbtf42 when i use 2) sudo su - bilbtf42 cp file1 direcotry1/file1 ... (3 Replies)
Discussion started by: blackeyed
3 Replies

6. UNIX for Dummies Questions & Answers

sudo su - USER ??? How to??

Hi folks, Here is my question of the day 8-) I have to provide the ability to sudo su - orapd2 & sudo su - pd2adm for the following people User A, B, C, D which all of them are part of the group staff. orapd2 and pd2adm are also users. Users A, B, C, D should not type the password for... (2 Replies)
Discussion started by: 300zxmuro
2 Replies

7. Linux

Linux- Useradd / sudo user

Hi, I am new in linux. Please help for create new user and also need to give sudo access in linux box. Please help me Now i am having new access Thanks, Mani (2 Replies)
Discussion started by: Mani_apr08
2 Replies

8. UNIX for Dummies Questions & Answers

Sudo for Non-Admin User

Can a user who is not an admin be added to sudoers to allow them to elevate to root and run administrative tasks only from the command line by using sudo, but not be able to perform administrative tasks in any other capacity? ---------- Post updated at 11:07 AM ---------- Previous update was at... (1 Reply)
Discussion started by: glev2005
1 Replies

9. Shell Programming and Scripting

sudo su - user not working

Hi All, I need your expertise to solve my problem, my account has permission to make sudo and su but when I try to switch user in a shell, it does not work with following message: "Sorry, user jmbeltra is not allowed to execute '/usr/bin/su -c echo HELLO THERE - oracle' as root on dbbr1k01" I... (4 Replies)
Discussion started by: Axtel
4 Replies

10. AIX

What is the command to add user to sudo?

Hi guys, I would like to add a new user and add him to sudo. appreciated if someone can give me the command to do so. Thanks (3 Replies)
Discussion started by: leecopper
3 Replies

LEARN ABOUT FREEBSD

newgrp

NEWGRP(1)						    BSD General Commands Manual 						 NEWGRP(1)

NAME

     newgrp -- change to a new group

SYNOPSIS

     newgrp [-l] [group]

DESCRIPTION

     The newgrp utility creates a new shell execution environment with modified real and effective group IDs.

     The options are as follows:

     -l      Simulate a full login.  The environment and umask are set to what would be expected if the user actually logged in again.

     If the group operand is present, a new shell is started with the specified effective and real group IDs.  The user will be prompted for a
     password if they are not a member of the specified group.

     Otherwise, the real, effective and supplementary group IDs are restored to those from the current user's password database entry.

EXIT STATUS

     The newgrp utility attempts to start the shell regardless of whether group IDs were successfully changed.

     If an error occurs and the shell cannot be started, newgrp exits >0.  Otherwise, the exit status of newgrp is the exit status of the shell.

SEE ALSO

     csh(1), groups(1), login(1), sh(1), su(1), umask(1), group(5), passwd(5), environ(7)

STANDARDS

     The newgrp utility conforms to IEEE Std 1003.1-2001 (``POSIX.1'').

HISTORY

     A newgrp utility appeared in Version 6 AT&T UNIX.

BUGS

     For security reasons, the newgrp utility is normally installed without the setuid bit.  To enable it, run the following command:

	   chmod u+s /usr/bin/newgrp

     Group passwords are inherently insecure as there is no way to stop users obtaining the password hash from the group database.  Their use is
     discouraged.  Instead, users should simply be added to the necessary groups.

BSD
								 February 8, 2013							       BSD
All times are GMT -4. The time now is 11:49 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy