sudo from userA to userB

 
# 1  
Old 12-22-2011
sudo from userA to userB

Hi all

I am trying to get this user db2s12 to be able to sudo as user sapr3 to run the sapr3 commands.

I have tried so many options with my sudoers file but the single response I get is this:

Code:
[sudo] password for db2s12: 
H99A100:db2s12 53> sudo su - sapr3
[sudo] password for db2s12: 
Sorry, try again.

This is my current sudoers file:

Code:
visudo: /etc/sudoers.tmp unchanged
[root@H99A100 etc]# more sudoers
## Sudoers allows particular users to run various commands as
## the root user, without needing the root password.
##
## Examples are provided at the bottom of the file for collections
## of related commands, which can then be delegated out to particular
## users or groups.
## 
## This file must be edited with the 'visudo' command.

## Host Aliases
## Groups of machines. You may prefer to use hostnames (perhap using 
## wildcards for entire domains) or IP addresses instead.
# Host_Alias     FILESERVERS = fs1, fs2
# Host_Alias     MAILSERVERS = smtp, smtp2


## User Aliases
## These aren't often necessary, as you can use regular groups
## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname 
## rather than USERALIAS
# User_Alias ADMINS = jsmith, mikem

##Runas_alias specification

Runas_Alias DBA = sapr3

## Command Aliases
## These are groups of related commands...


## Networking
#Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool

## Installation and management of software
#Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum

## Services
#Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig

## Updating the locate database
#Cmnd_Alias LOCATE = /usr/bin/updatedb

## Storage
#Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount

## Delegating permissions
#Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp 

## Processes
#Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall

## Drivers

# Defaults specification
Defaults    log_year, logfile=/var/log/sudo.log

#
# Disable "ssh hostname sudo <cmd>", because it will show the password in clear. 
#         You have to run "ssh -t hostname sudo <cmd>".
#
Defaults    requiretty

#
# Refuse to run if unable to disable echo on the tty. This setting should also be
# changed in order to be able to use sudo without a tty. See requiretty above.
#
Defaults   !visiblepw

Defaults    env_reset
Defaults    env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
                        LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \
                        LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \
                        LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \
                        LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \
                        _XKB_CHARSET XAUTHORITY"

## Next comes the main part: which users can run what software on 
## which machines (the sudoers file can be shared between multiple
## systems).
## Syntax:
##
##      user    MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere 
root    ALL=(ALL)       ALL
nttd_jp1 ALL=(ALL) ALL

db2s12 ALL = /usr/bin/sudo sapr3
db2s12 ALL=(DBA) ALL

## Allows members of the 'sys' group to run networking, software, 
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS

## Allows people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL

## Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

## Allows members of the users group to mount and unmount the 
## cdrom as root
# %users  ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom

## Allows members of the users group to shutdown this system
# %users  localhost=/sbin/shutdown -h now

I have tried to set command alias, user alias and host alias but everything has failed. I am using RHEL 5.7.
# 2  
Old 12-22-2011
I'm not sure I understood you well, but you're putting sudo inside a sudoers file. There isn't any restriction to do that but it looks weird when running a command:
Code:
sudo sudo su - someuser

Try this instead in your sudoers:
Code:
db2s12   ALL = /bin/su sapr3, /bin/su - sapr3

# 3  
Old 12-22-2011
Hi verdepollo,

Sorry for the confusion, and thank you very much for the help.

This command worked:

Code:
db2s12   ALL = /bin/su sapr3, /bin/su - sapr3

I was able to sudo su - to sapr3:

Code:
H99A100:db2s12 52> sudo su - sapr3
[sudo] password for db2s12: 
[sapr3@H99A100 ~]$ logout

Thank you again!

---------- Post updated at 07:38 PM ---------- Previous update was at 07:37 PM ----------

Hi admin, please close the thread.
# 4  
Old 01-03-2012
Solved

Please close this thread
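
Added example, not part of the original thread: the two sudoers forms that let db2s12 become sapr3, each with the invocation it matches. It uses only the user names, alias and paths quoted in the posts above; `sudo su - sapr3` is checked against rules whose run-as user is root, while a `(DBA)` rule is checked only for `sudo -u sapr3 ...`.

```sudoers
# Added illustration, not from the thread. Users, alias and paths are the
# ones quoted in the posts; edit with visudo and verify with `visudo -c`.

# Form 1 (the answer in post 2): db2s12 runs su as root.
# Invocation:  sudo su - sapr3      or      sudo su sapr3
# sudo looks for a rule with run-as root and this exact command line.
# Because the arguments are listed, only these two argument lists match.
# A bare "/bin/su" entry would match any arguments, including a switch
# to root, so keep the arguments in the rule.
db2s12   ALL = /bin/su sapr3, /bin/su - sapr3

# Form 2 (what the Runas_Alias in the posted file expresses): db2s12 runs
# commands directly as sapr3, with no root-owned su process in between.
# Invocation:  sudo -u sapr3 -i           (login shell as sapr3)
#              sudo -u sapr3 <command>    (one command as sapr3)
# This rule does not match "sudo su - sapr3", because that requests root.
Runas_Alias DBA = sapr3
db2s12   ALL = (DBA) ALL

# Entry from the posted file that matches neither invocation: it permits
# running /usr/bin/sudo with the single argument "sapr3" as root.
# db2s12 ALL = /usr/bin/sudo sapr3
```

As root, `sudo -l -U db2s12` lists the rules that apply to db2s12, which shows which of the two forms is actually in effect.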