Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Sudo to user other than root but do not allow sudo to root
Operating Systems Linux Red Hat Sudo to user other than root but do not allow sudo to root Post 302933966 by sea on Tuesday 3rd of February 2015 12:40:28 PM
Old 02-03-2015
Hi

The issue is, they are not allowed to call su which you do to execute oracle.
As that is not allowed, it will fail.

Therefor, just try
Code:
sudo oracle

If that still wont work, and assuming DBA is a group where only users who are allowed to execute ORACLE belong to.
Try this change which should bring the desired change:
Code:
DBA ALL=(oracle) NOPASSWD: ALL

NOPASSWD: ALL means that there will be no password required to start anything from 'ALL', which is oracle.

Generaly saying, as i was once told, using sudo su - for 'daily' use is a bad habit.

Greetings, hope this helps
Last edited by sea; 02-03-2015 at 01:50 PM..
 

10 More Discussions You Might Find Interesting

1. Linux

sudo, root password

Hi all.. I'm secering a RH 2.1 server, with gnome (not my choice...), as X manager. Is ther anyway to get sudo ask for root password other then the actual user's password? Like when you launch the graphical IHM to create a new user, it asks for root's password? Is there a way to do the same... (5 Replies)
Discussion started by: penguin-friend
5 Replies

2. UNIX for Dummies Questions & Answers

Possible to give non root user sudo to "crontab -l"

Does anyone know if this is possible? I want to give some users access to root's crontab but only with a read privilege. Is this possible to do or can only root or people with full root sudo view root's cron? (4 Replies)
Discussion started by: LordJezoX
4 Replies

3. AIX

sudo must be setuid root.

Guy's I'm trying to add some lines in sudo by useing this command visudo # User privilege specification root ALL=(ALL) ALL # Uncomment to allow people in group wheel to run all commands # %wheel ALL=(ALL) ALL # Same thing without a password # %wheel ALL=(ALL) NOPASSWD: ALL #... (5 Replies)
Discussion started by: ITHelper
5 Replies

4. Shell Programming and Scripting

Cron job initiating ssh AND sudo (from user, not root)

I've been bashing my head on the desk for 2 days trying to get this to work, but I've had no luck. I'll try to be as clear as possible in my explanation without dragging out the details. I'm trying to set up a cron job for user "john" which runs a script. This script initiates an ssh connection to... (5 Replies)
Discussion started by: eh3civic
5 Replies

5. UNIX for Dummies Questions & Answers

sudo/root access

I'm actually working with a Ubuntu-System here and have a question about executing a command with 'sudo'. I tried and got a error message like "not allowed". After this I logged in with 'sudo -s' and typed the command without 'sudo'. This worked well. Can please somebody explain me this... (0 Replies)
Discussion started by: daWonderer
0 Replies

6. UNIX for Dummies Questions & Answers

Sudo to delegate permission from non-root user to another non-root user

I've been through many threads before i decide to create a separate thread. I can't really find the solution to my (simple) problem. Here's what I'm trying to achieve: As "canar" user I want to run a command, let's say "/opt/ocaml/bin/ocaml" as "duck" user. The only to achieve this is to... (1 Reply)
Discussion started by: canar
1 Replies

7. UNIX for Dummies Questions & Answers

sudo on becoming root

Anyone able to explain why if i run "sudo -i" or "sudo -s" i am able to get into root by just keying my own password? How to avoid this from happening coz i need all the users to use su - only. (2 Replies)
Discussion started by: timmywong
2 Replies

8. UNIX for Dummies Questions & Answers

Create user with sudo ability to root.

Hi All, I need to give an user sudo ability to root. We have also generated RSA key but unable to proceed further. For example after a user logs into the server normally and when he executes below command $ssh root@server_name This should take you to root prompt # Please help me.... (3 Replies)
Discussion started by: Rockyc3400
3 Replies

9. Solaris

Sudo access of rm to non-root user

Hello, It is Solaris-10. There is a file as /opt/vpp/dom1.2/pdd/today_23. It is always generated by root, so owned by root only. This file has to be deleted as part of application restart always and that is done by app_user and SA is always involved to do rm on that file. Is it possible to give... (9 Replies)
Discussion started by: solaris_1977
9 Replies

10. UNIX for Beginners Questions & Answers

Sudo to root, but keep my own aliases?

I have a coworker that has set up some funky aliases in /etc/bash.alias, and he insists on leaving them that way. For example he aliased "ll" to "ls -lahtr", which really bugs me. Anyway, I was wondering if there were a way for me to sudo to root without reading /etc/bash.alias, or maybe have... (6 Replies)
Discussion started by: paqman
6 Replies

LEARN ABOUT SUSE

ocf_heartbeat_oracle

OCF_HEARTBEAT_ORACLE(7) 					OCF resource agents					   OCF_HEARTBEAT_ORACLE(7)

NAME

       ocf_heartbeat_oracle - Manages an Oracle Database instance

SYNOPSIS

       oracle [start | stop | status | monitor | validate-all | methods | meta-data]

DESCRIPTION

       Resource script for oracle. Manages an Oracle Database instance as an HA resource.

SUPPORTED PARAMETERS

       sid
	   The Oracle SID (aka ORACLE_SID). (required, string, no default)

       home
	   The Oracle home directory (aka ORACLE_HOME). If not specified, then the SID along with its home should be listed in /etc/oratab.
	   (optional, string, no default)

       user
	   The Oracle owner (aka ORACLE_OWNER). If not specified, then it is set to the owner of file $ORACLE_HOME/dbs/*${ORACLE_SID}.ora. If this
	   does not work for you, just set it explicitely. (optional, string, no default)

       ipcrm
	   Sometimes IPC objects (shared memory segments and semaphores) belonging to an Oracle instance might be left behind which prevents the
	   instance from starting. It is not easy to figure out which shared segments belong to which instance, in particular when more instances
	   are running as same user. What we use here is the "oradebug" feature and its "ipc" trace utility. It is not optimal to parse the
	   debugging information, but I am not aware of any other way to find out about the IPC information. In case the format or wording of the
	   trace report changes, parsing might fail. There are some precautions, however, to prevent stepping on other peoples toes. There is also
	   a dumpinstipc option which will make us print the IPC objects which belong to the instance. Use it to see if we parse the trace file
	   correctly. Three settings are possible: - none: don't mess with IPC and hope for the best (beware: you'll probably be out of luck,
	   sooner or later) - instance: try to figure out the IPC stuff which belongs to the instance and remove only those (default; should be
	   safe) - orauser: remove all IPC belonging to the user which runs the instance (don't use this if you run more than one instance as same
	   user or if other apps running as this user use IPC) The default setting "instance" should be safe to use, but in that case we cannot
	   guarantee that the instance will start. In case IPC objects were already left around, because, for instance, someone mercilessly
	   killing Oracle processes, there is no way any more to find out which IPC objects should be removed. In that case, human intervention is
	   necessary, and probably _all_ instances running as same user will have to be stopped. The third setting, "orauser", guarantees IPC
	   objects removal, but it does that based only on IPC objects ownership, so you should use that only if every instance runs as separate
	   user. Please report any problems. Suggestions/fixes welcome. (optional, string, default instance)

       clear_backupmode
	   The clear of the backup mode of ORACLE. (optional, boolean, default false)

       shutdown_method
	   How to stop Oracle is a matter of taste it seems. The default method ("checkpoint/abort") is: alter system checkpoint; shutdown abort;
	   This should be the fastest safe way bring the instance down. If you find "shutdown abort" distasteful, set this attribute to
	   "immediate" in which case we will shutdown immediate; If you still think that there's even better way to shutdown an Oracle instance we
	   are willing to listen. (optional, string, default checkpoint/abort)

SUPPORTED ACTIONS

       This resource agent supports the following actions (operations):

       start
	   Starts the resource. Suggested minimum timeout: 120.

       stop
	   Stops the resource. Suggested minimum timeout: 120.

       status
	   Performs a status check. Suggested minimum timeout: 5.

       monitor
	   Performs a detailed status check. Suggested minimum timeout: 30. Suggested interval: 120.

       validate-all
	   Performs a validation of the resource configuration. Suggested minimum timeout: 5.

       methods
	   Suggested minimum timeout: 5.

       meta-data
	   Retrieves resource agent metadata (internal use only). Suggested minimum timeout: 5.

EXAMPLE

       The following is an example configuration for a oracle resource using the crm(8) shell:

	   primitive example_oracle ocf:heartbeat:oracle 
	     params 
	       sid=string 
	     op monitor depth="0" timeout="30" interval="120"

SEE ALSO

       http://www.linux-ha.org/wiki/oracle_(resource_agent)

AUTHOR

       Linux-HA contributors (see the resource agent source for information about individual authors)

resource-agents 1.0.3						    07/05/2010						   OCF_HEARTBEAT_ORACLE(7)
All times are GMT -4. The time now is 05:17 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy