One user to su to another without allowing root access and password


 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users One user to su to another without allowing root access and password
# 1  
Old 04-10-2017
One user to su to another without allowing root access and password

Hello Gurus,
I want One user to su to another without allowing root access and password.
I want to run a specific command as below from user am663:
---------------------------------------------------------
Code:
sudo -u appsprj4 /home/appsrj4/scripts/start_apache.sh

-------------------
But everytime I am facing the below error
Code:
[sudo] password for am663:
sudo: /home/appsrj4/scripts/stop_oacore.sh: command not found

----------
Below is the entry from /etc/sudoers file:
------------------------
Code:
am663   ALL=(appsprj4)          NOPASSWD: /home/appsprj4/scripts/start_apache.sh
am663   ALL=(appsprj4)          NOPASSWD: /home/appsprj4/scripts/stop_apache.sh
am663   ALL=(appsprj4)          NOPASSWD: /home/appsprj4/scripts/start_oacore.sh
am663   ALL=(appsprj4)          NOPASSWD: /home/appsprj4/scripts/stop_oacore.sh
am663   ALL=(appsprj4)          NOPASSWD: /u03/oracle/EBSDEV/fs1/inst/apps/EBSDEV_emaprjebs01/admin/scripts/adapcctl.sh
am663   ALL=(appsprj4)          NOPASSWD: /u03/oracle/EBSDEV/fs1/inst/apps/EBSDEV_emaprjebs01/admin/scripts/admanagedsrvctl.sh

Please advice on this.

Thanks-
Pokhraj
Moderator's Comments:
Mod Comment Please use CODE tags (not HTML and ICODE tags) for full line and multi-line sample input, sample output, and code segments.

Last edited by Don Cragun; 04-10-2017 at 10:04 AM.. Reason: Change HTML and ICODE tags to CODE tags; add ICODE tags.
# 2  
Old 04-10-2017
Code:
sudo -u appsprj4 /home/appsprj4/scripts/start_apache.sh

Note the missing red letter p.
# 3  
Old 04-12-2017
Awesome.. Thank you very much...

Thanks
Pokhraj
# 4  
Old 04-18-2017
Hello Gurus,
I am having one more issue while running the command.
HTML Code:
sudo -u appstst1 /stage/scripts/git_Code.ksh
When I am running the above command from user am663 all the files are downloaded as below:
HTML Code:
drwxr-xr-x 2 appstst1 oinstall 4096 Apr 18 13:00 FIN_EXT_004
drwxr-xr-x 2 appstst1 oinstall 4096 Apr 18 13:00 FIN_EXT_003
Now when I am trying to change the ownership to oemuser I am facing error as
Quote:
Operation not permitted
HTML Code:
oemuser:oinstall
Is there is any extra configuration I need to add at /etc/sudoers file?

Please advice

Thanks-
Pokhraj Das
# 5  
Old 04-18-2017
An application running as user appstst1 creates files belonging to appstst1, yes.

If the files are not overly large, you can get around this by making copies of the files(which will belong to you) then deleting the originals(you can delete any file in a writable folder you own).
# 6  
Old 04-18-2017
Hello ,
Can you please elaborate the concepts please..

Thanks-
Pokhraj Das
# 7  
Old 04-18-2017
A non-root user cannot change the ownership of someones else's file. One way to solve this problem is to have both users be a member of the same group and allow group access to the files. Since you are using the group oinstall now, you may want to create a separate group for this.

Set the primary group for the account that is executing the download (appstst1 in this case) to that new group so that the files are created with that group ownership. If you want the secondary user to also be able to delete/rename/etc these files then you should also set the umask in the script prior to performing the download

Code:
umask 007

This will set permissions on new files/directories created during that session to 770.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Giving password reset access to non-root user, in LDAP

Hi, We have two LDAP servers. Whenever we get a ticket to reset the password, we login to LDAP primary server and reset the password. For below example, I logged into primary LDAP server and resetting password to john to Welcome123# We are giving this work to tier-1 team, so that they can reset... (1 Reply)
Discussion started by: ron323232
1 Replies

2. Ubuntu

Root access that can't change root password?

We are having a little problem on a server. We want that some users should be able to do e.g. sudo and become root, but with the restriction that the user can't change root password. That is, a guarantee that we still can login to that server and become root no matter of what the other users will... (2 Replies)
Discussion started by: 244an
2 Replies

3. Shell Programming and Scripting

How to give root access to non root user?

Currently in my system Red Hat is installed. And Many user connect to my machine via SSH Techia Terminal. I want to give some users a root level access. Can anyone please help me how to make it possible. I too searched on the Google but didn't find the correct way Regards ADI (4 Replies)
Discussion started by: adisky123
4 Replies

4. UNIX for Dummies Questions & Answers

How to allow access to some commands having root privleges to be run bu non root user

hi i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies

5. Shell Programming and Scripting

access user history as root

Hi, I need to access a user's command history. However, the dilemma is that he is logged in and so his current history is not yet flushed to .bash_history file which gets flushed when he logs out. Is there a way I can still access his most recent history? thank you, S (4 Replies)
Discussion started by: sardare
4 Replies

6. Solaris

I can not access root user through LAN

Dear i have installed Solaris 10 on SUN V240 after installation i can not access system through root user if i access system through any other user it conects but root is not connecting through LAN if i connect through SC and then access root though cosole -f command it also works kindly... (6 Replies)
Discussion started by: rizwan225
6 Replies

7. UNIX for Dummies Questions & Answers

Change other account password from root access

Hi, I have forgotten my personal account password but I still have the root access to the box. Please tell me how can I change my other account password by logging as root. Thanks. Rakesh :D (4 Replies)
Discussion started by: rakeshou
4 Replies

8. HP-UX

user commands without root access

Hi I have been asked to find out how to 1) create users 2) reset passwords 3) kill processes that may require root privileges without having root password, sudo rights or rights to passwd command Any ideas? Thanks in advance (1 Reply)
Discussion started by: emealogistics
1 Replies

9. Linux

how to access root priveliges if root password is lost

wish to know how to access root password it root password is forgotten in linux (1 Reply)
Discussion started by: wojtyla
1 Replies

10. Cybersecurity

Allowing access to ports < 1024 w/o root

I need to set up an application to run in a script which will be running as a web server but is a database. I need to allow users to use the web server but the app must be run as root in order for the ports to be accessible. This is not a very secure environment would like to know how this could... (2 Replies)
Discussion started by: rpollard
2 Replies
Login or Register to Ask a Question