first question
David Olbersen
DOlbersen at stbernard.com
Fri Jan 16 17:54:42 EST 2004
Peter Lauda wrote:
> On Fri, 16 Jan 2004, Ladner, Eric (Eric.Ladner) wrote:
>
> > How about
> >
> > sudo su - target_user_name -c "/usr/target_user_home_dir/bin/cmd arg"
Eric's solution is OK -- it works (obviously). It's a little messy though -- you've given sudo access to `su`. That kind of defeats the point of sudo! I think a better solution is to fix your configuration so the original (and indeed, acceptable) command works.
Here's an example from my configuration, snipped so that only relevant portions are shown:
User_Alias DUMPERS = dolbersen, dpresten
Runas_Alias RUNASDUMPER = dumper, root
Host_Alias DUMPHOST = longboard
Cmnd_Alias DUMP = /usr/local/sbin/am*, /usr/local/sbin/AM*
DUMPERS DUMPHOST=(RUNASDUMPER) DUMP
This allows users dolbersen (me) and dpresten (my boss) to run any of the amanda (/usr/local/sbin/am*) or amanda wrappers we've written (/usr/local/sbin/AM*) as either user dumper or user root, only on host longboard.
Hopefully this is enough to get you going in the right direction! You should be able to copy & paste your details into my example :)
--
David Olbersen
iGuard Engineer
St. Bernard Software
15015 Avenue of Sciences
San Diego, CA 92127
x2152
More information about the sudo-users
mailing list