03-09-2005
SUDO - allow user joe to SU to usera
How do I allow regular user Joe to SU to only userA, noone else should be able to su to userA and joe won't be allowed to SU to root or anyone else besides userA. Also How do I allow John to su to root, besides john noone can su to root. Thanks.
Host_Alias SVR = HP1
User_Alias ADMIN = joe
Cmnd_Alias SU= /usr/bin/su
ADMIN SVR = (prod1) SU, !root (is this the right systax?)
ADMIN SVR = (SU) root
Thanks again.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Morning guys, I'm hoping you can advise me as to whether or not the following is possible.
Is there a way of firing off an scp command with a sudo user as the user?
e.g. I am logged onto server1 as smith, but want to pull files from server2 that I can only read as sudo jones.
In my mind it... (3 Replies)
Discussion started by: dlam
3 Replies
2. Linux
Hi all,
What the difference between the sudo users & RBAC when the talk of effects after doing the above comes???
any differences between them ,kindly list ?? (1 Reply)
Discussion started by: saurabh84g
1 Replies
3. AIX
Run sudo to another user .
I have two users in my AIX system appadmin (Application admin ) and appuser (Application user)
Application Admin user has special permission to run every thing about this application.
I have one script called /usr/app.sh
Only appadmin has permission to run this... (11 Replies)
Discussion started by: Mr.AIX
11 Replies
4. AIX
I have installed sudo on AIX 6100-04 and want to know how do I set it up for a user to be able to run only some commands? I want to give the user the rights to only cd to certain directories and run the ls command to name a few? Are there any issues with running sudo when the user is forced to... (2 Replies)
Discussion started by: daveisme
2 Replies
5. UNIX for Dummies Questions & Answers
I am trying to run a command from different user on my server. However when i execute the command it asks for password can you please help.
when i use this command to switch user no password is required
1) sudo su - bilbtf42
when i use
2) sudo su - bilbtf42 cp file1 direcotry1/file1
... (3 Replies)
Discussion started by: blackeyed
3 Replies
6. UNIX for Dummies Questions & Answers
Hi folks,
Here is my question of the day 8-)
I have to provide the ability to sudo su - orapd2 & sudo su - pd2adm for the following people
User A, B, C, D which all of them are part of the group staff.
orapd2 and pd2adm are also users. Users A, B, C, D should not type the password for... (2 Replies)
Discussion started by: 300zxmuro
2 Replies
7. Red Hat
Hi all
I am trying to get this user db2s12 to be able to sudo as user sapr3 to run the sapr3 commands
I have tried so many options with my sudoers file but the single response I get is this :
password for db2s12:
H99A100:db2s12 53> sudo su - sapr3
password for db2s12:
Sorry, try... (3 Replies)
Discussion started by: hedkandi
3 Replies
8. UNIX for Dummies Questions & Answers
Can a user who is not an admin be added to sudoers to allow them to elevate to root and run administrative tasks only from the command line by using sudo, but not be able to perform administrative tasks in any other capacity?
---------- Post updated at 11:07 AM ---------- Previous update was at... (1 Reply)
Discussion started by: glev2005
1 Replies
9. Shell Programming and Scripting
Hi All, I need your expertise to solve my problem, my account has permission to make sudo and su but when I try to switch user in a shell, it does not work with following message:
"Sorry, user jmbeltra is not allowed to execute '/usr/bin/su -c echo HELLO THERE - oracle' as root on dbbr1k01"
I... (4 Replies)
Discussion started by: Axtel
4 Replies
10. AIX
Hello All,
I am trying to grant sudo privileges to a set of users (say tom and jerry) to sudo to another set of users (jim, harry). This is because we don't want to disclose the password of jim and harry.
I did defined the user_alias and runas alias.
%wms ALL = (USR) /usr/bin/su -, where wms... (7 Replies)
Discussion started by: ibmtech
7 Replies
LEARN ABOUT ULTRIX
qmail-users
qmail-users(5) File Formats Manual qmail-users(5)
NAME
qmail-users - assign mail addresses to users
OVERVIEW
The file /var/lib/qmail/users/assign assigns addresses to users. For example,
=joe.shmoe:joe:503:78:/home/joe:::
says that mail for joe.shmoe should be delivered to user joe, with uid 503 and gid 78, as specified by /home/joe/.qmail.
Assignments fed to qmail-newu will be used by qmail-lspawn to control qmail-local's deliveries. See qmail-newu(8). A change to
/var/lib/qmail/users/assign will have no effect until qmail-newu is run.
STRUCTURE
/var/lib/qmail/users/assign is a series of assignments, one per line. It ends with a line containing a single dot. Lines must not contain
NUL.
SIMPLE ASSIGNMENTS
A simple assignment is a line of the form
=local:user:uid:gid:homedir:dash:ext:
Here local is an address; user, uid, and gid are the account name, uid, and gid of the user in charge of local; and messages to local will
be controlled by homedir/.qmaildashext.
If there are several assignments for the same local address, qmail-lspawn will use the first one.
local is interpreted without regard to case.
WILDCARD ASSIGNMENTS
A wildcard assignment is a line of the form
+loc:user:uid:gid:homedir:dash:pre:
This assignment applies to any address beginning with loc, including loc itself. It means the same as
=locext:user:uid:gid:homedir:dash:preext:
for every string ext.
A more specific wildcard assignment overrides a less specific assignment, and a simple assignment overrides any wildcard assignment. For
example:
+:alias:7790:2108:/var/lib/qmail/alias:-::
+joe-:joe:507:100:/home/joe:-::
=joe:joe:507:100:/home/joe:::
The address joe is handled by the third line; the address joe-direct is handled by the second line; the address bill is handled by the
first line.
SEE ALSO
qmail-pw2u(8), qmail-newu(8), qmail-lspawn(8)
qmail-users(5)