SUDO AIX (WHITING Russell)
Dana Kaempen
decay at flash.net
Tue Nov 13 14:44:32 EST 2001
Russell -
You may need to look at this from a different perspective. sudo works best at (I hesitate to say "was intended for") running single commands as root or another user, not for allowing a user to have an open session as the su'd user. You *can* do that, but it pretty much destroys the thought that went into sudo, which is to give a non-root user some specific privileges as an alternate user.
For your example, to give a user a capability as Oracle, try something like this:
sudo -u oracle SomeOracleTask
where SomeOracleTask is what the user is allowed to run
You should note that SomeOracleTask in the example above should not allow the user to shell out, since then they would be free in the system w/the oracle user's permissions.
FYI, I'm running sudo on a number of AIX 4.3.3 systems, and it's doing exactly what we need it to do. Sometimes it takes a bit of trial & error to get your config file set up as you'd like, but that only helps you get a fuller understanding of how to use all the options. Great program, that sudo. Thanks, Todd!
--
..d..ecay
mailto:decay at flash.net
------------------------
"Keep the wheels rolling." - Anonymous traffic prophet
More information about the sudo-users
mailing list