10-25-2019
Sudo on a binary
Hi,
On AIX 7
How give a user the privilege to run a single binary or a Shell script with sudo?
Once done, what would be the syntax to run the binary please?
Thanks
9 More Discussions You Might Find Interesting
1. Solaris
Hi,
I have two Solaris machines.
1. SunOS X 5.8 Generic_108528-29 sun4u sparc SUNW,Sun-Blade-1500
2. SunOS Y 5.8 Generic_108528-13 sun4u sparc SUNW,Ultra-60
I am trying to buiild a project on both these machines. The Binary output file compiled on machine 2 runs on both the machines. Where... (0 Replies)
Discussion started by: scgupta
0 Replies
2. UNIX for Dummies Questions & Answers
Hi! I'm very new to unix, so please keep that in mind with the level of language used if you choose to help :D Thanks!
When attempting to use sudo on and AIX machine with oslevel 5.1.0.0, I get the following error:
exec(): 0509-036 Cannot load program sudo because of the following errors:... (1 Reply)
Discussion started by: Chloe123
1 Replies
3. Cybersecurity
we are looking at changing the way we get root on our network.
in our current system if an admin needs root access he just gets the root password and uses an su.
some of our staff have decided that a sudo to "/bin/sh" will be easer.
some of our staff think a sudo to "su -" will be better.
I... (0 Replies)
Discussion started by: robsonde
0 Replies
4. AIX
Sudo In AIX, how to find out what commands have been run after a user sudo to another user? for example, user sam run 'sudo -u robert ksh' then run some commands, how can I (as root) find what commands have been run?
sudo.log only contains sudo event, no activity logging. (3 Replies)
Discussion started by: jalite19
3 Replies
5. Shell Programming and Scripting
I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this:
#!/bin/bash
rsync /path/on/local/machine/ foo.com:path/on/remote/machine/
ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies
6. Shell Programming and Scripting
Hi All,
I running a unix command using sudo option inside shell script. Its working well. But in crontab the same command is not working and its throwing
"sudo: sorry, you must have a tty to run sudo". I do not have root permission to add or change settings for my userid. I can not even ask... (9 Replies)
Discussion started by: Apple1221
9 Replies
7. Shell Programming and Scripting
Hi, Have a need to run the below command as a "karuser" from a java class which will is running as "root" user. When we are trying to run the below command from java code getting the below error.
Command:
sudo -u karuser -s /bin/bash /bank/karunix/bin/build_cycles.sh
Error:
sudo: sorry,... (8 Replies)
Discussion started by: Satyak
8 Replies
8. Shell Programming and Scripting
Hello *nix specialists,
Im working for a non profit organisation in Germany to transport DSL over WLAN to people in areas without no DSL. We are using Linksys WRT 54 router with DD-WRT firmware There are at the moment over 180 router running but we have to change some settings next time. So my... (7 Replies)
Discussion started by: digidax
7 Replies
9. Red Hat
I have a set of RHEL 5 boxes running our ERP software on Oracle databases. I need to allow my DBA's to su to oracle and one other account (banner) without knowing the oracle or banner password. But I need to prevent them from su'ing to any other user especially root. I only want them to be able to... (1 Reply)
Discussion started by: westmoreland
1 Replies
dop(8) System Manager's Manual dop(8)
NAME
dop - Allows a user to execute a privileged program without knowing the root password. The dop command also modifies the action database.
SYNOPSIS
/usr/sbin/dop [-n | -N] [ui:] action [args]
/usr/sbin/dop -a priv[,priv]... action [ui:]pathspec[,[ui:]pathspec]...
/usr/sbin/dop -a priv[,priv]... [ui:]pathspec
/usr/sbin/dop -d action
/usr/sbin/dop [-w | -W]
OPTIONS
Invokes a prompt asking the user if they want to run the command as a user or as root. The root password is required to run as root.
Attempts to run the action with the user privileges. Adds new actions to the dop database. Deletes an existing action from the dop data-
base. Writes a binary image without changing the source. Updates the actionlist from the dop action file and then executes the -w option,
which writes the binary image.
OPERANDS
Name of privileged program to invoke Arguments to pass to the application guarded by the privilege. Comma separated privilege list (see
sysman dopconfig) The fully qualified path name and arguments for the associated action.
When specified by a comma separated pathlist and arguments for multiple user interface domains (ui:), the first ui: argument speci-
fied is used as the default. If no action is specified, then the path base name is used. A run-time argument replaces the first
occurrence of asterisk as a word (for example *) in a string, or else they are ignored. Path arguments should be quoted per the cur-
rent shell. Optional. A user interface domain, typically one of X11, suit, java, menu, cui, or cli.
DESCRIPTION
The dop (Division of Privileges) command can execute an action after proper authentication from the privilege database file. For more
information, see the Security guide.
RESTRICTIONS
You must have root privileges to modify the privileges database.
EXAMPLES
The following example will add an action to the AccountManagement privilege. dop -a AccountManagement adduser_script /usr/sbin/adduser
The following example runs the action adduser_script for the AccountManagement privilege. dop adduser_script
The following example deletes the adduser_script action from the action database. dop -d adduser_script
FILES
Executable file. Executable file for adding or deleting permissions for users and or groups. dop database.
SEE ALSO
Commands: sysman(8)
dop(8)