[sudo-users] give user ability to run cmd as root or to su to a list of users

Beck, Joseph jbeck at seic.com
Wed Jul 12 18:12:58 EDT 2006


there's about 10 different roles that our tuxedo processes run as & I
need the wily user to be able monitor these.

So, we need to cron a bunch of different jobs.


The monitor script is extensive and was written by our tuxedo admin


There's a wrapper script to call Monitor.sh:

su $1 -c "/apps/wily/epagent/epaplugins/quartz/Monitor.sh $1"


Due to numerous access of logs reasons the monitor script must run as
the various roles

I'm not sure if I should set up a sudo rule to allow wily to run
anything in 


As root with nopasswd set


Or if I should create a rule giving the wily user the ability to su to a
set list of users & not require a password.


Either way, I'm not sure the correct syntax & I'm wondering what the
better approach is.



Here's a few things I've tried, but keep getting prompted for passwords:

# steve         CSNETS = (operator) /usr/local/op_commands/

# wily          SERVERS = (root) /apps/wily/epagent/epaplugins/quartz/

# wily          ALL (root) /usr/bin/su ALL

wily            SERVERS = (root) NOPASSWD:


Joe Beck Ciber Inc. - a consultant to SEI  One Freedom Valley Drive |
Oaks, PA 19456 | p: 610.676.2258 | jbeck at seic.com


More information about the sudo-users mailing list