[sudo-users] Using SUDO without the Prompt

Ladner, Eric (Eric.Ladner) Eric.Ladner at chevrontexaco.com
Wed Feb 2 14:54:52 EST 2005 

About the only thing I can think of is wrapping everything in a script,
which is more trouble than it's worth.  You'd have to wrap everything,
and they'd have to know where the wrapper was, etc.  

Trust me, I've been using sudo for years.  Once you use it for about a
week and a half, you don't even notice typing it any more. 

The only other transparent thing I can think of is this:

sudo /bin/ksh

After that, you don't have to type sudo any more because you're running
in a root shell.  It defeats the spirit of your standard, though.  I
remember seeing sudosh (http://sourceforge.net/projects/sudosh/) that
gives users a root shell, but it's auditable (tracks all executed
commands).  Might be an option.


Eric Ladner, Systems Analyst 
RFMS IT Support

-----Original Message-----
From: Julio Moreira [mailto:julio.moreira at portonline.com.br] 
Sent: Wednesday, February 02, 2005 2:38 PM
To: Ladner, Eric (Eric.Ladner); sudo-users at sudo.ws
Subject: RE: [sudo-users] Using SUDO without the Prompt

Eric,

I appreciate your answer but, in fact, sam is one example of all
contents... I have approximately 50 RISC servers *nix, including HP-UX,
SOLARIS, AIX ,et all... Plus, we have some Linux flavors...

We wrote a Standard on which we said that the "root user must be used
only in emergency; for daily job, all support analist must be able to
manage our servers without root."

I would like to implement sudo just to make job easy and, most
important, make that transparent to my analists.

Can I make some configuration to hide sudo command ?


On Wed, 2 Feb 2005 13:18:30 -0600, "Ladner, Eric (Eric.Ladner)"
<Eric.Ladner at chevrontexaco.com> escreveu:

> De: "Ladner, Eric (Eric.Ladner)" <Eric.Ladner at chevrontexaco.com>
> Data: Wed, 2 Feb 2005 13:18:30 -0600
> Para: "Julio Moreira " <julio.moreira at portonline.com.br>, 
> sudo-users at sudo.ws
> Assunto: RE: [sudo-users] Using SUDO without the Prompt
> 
> Well, users will ask you for a big red shiny button that says "Do My 
> Job" on it, too.  It's an extra 5 characters for Pete's sake..
> 
> On the good side, HP-UX SAM has a protected mode where you can assign 
> root level access to selected areas inside SAM (i.e. give user Bill 
> acess to create a user, but that's it).  Look at the man page under 
> "Restricted Sam".
> 
> Eric Ladner, Systems Analyst
> RFMS IT Support
> 
> -----Original Message-----
> From: sudo-users-bounces at courtesan.com 
> [mailto:sudo-users-bounces at courtesan.com] On Behalf Of Julio Moreira
> Sent: Wednesday, February 02, 2005 1:58 PM
> To: sudo-users at sudo.ws
> Subject: [sudo-users] Using SUDO without the Prompt
> 
> Hi All,
> I'm new to sudo... I just have installed on my environment, and the 
> users asked me if they can execute "root" commands without using the 
> word sudo on prompt. for example.:
> 
>  To use "sam" on HP-UX machine, I would like to prompt only 
> "/home/adm/sam" as normal user instead of "/home/adm/sudo sam"
> 
> I appreciate any samples of this thing, if its possible.
> 
> Thank's a lot,
> Julio
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws> For list information, 
> options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
> 
> 
> 
> 
>

More information about the sudo-users mailing list