[sudo-users] sudoers config issues
Loris.Serena at pfpc.ie
Loris.Serena at pfpc.ie
Tue Nov 28 04:00:53 EST 2006
Guys,
I'd like to get a few users to be able to run some informix commands via
sudo as the informix user.
Here are the relevant lines in the sudoers file:
# User alias specification
User_Alias BKUP_ADMIN = user1,user2,user3
# Cmnd alias specification
Cmnd_Alias IMPR_BACKUP = /opt/image/informix/informix/bin/onstat
-l, \
/opt/image/informix/informix/bin/ontape -c, \
/opt/image/informix/informix/bin/ontape
-r, \
/opt/image/informix/informix/bin/ontape
-s, \
/opt/image/informix/informix/bin/onmode
-ky, \
/opt/image/informix/informix/bin/onstat
-d
# User privilege specification
BKUP_ADMIN ALL = (informix) NOPASSWD: IMPR_BACKUP
$ su - user2
bash-2.03$ sudo -l
User user2 may run the following commands on this host:
(informix) NOPASSWD: /opt/image/informix/informix/bin/onstat -l,
/opt/image/informix/informix/bin/ontape -c,
/opt/image/informix/informix/bin/ontape -r,
/opt/image/informix/informix/bin/ontape -s,
/opt/image/informix/informix/bin/onmode -ky,
/opt/image/informix/informix/bin/onstat -d
Now, I have two issues:
1. the NOPASSWD option doesn't seem to be working.
Where do I have to specify it in order to have it work for all the
commands in the IMPR_BACKUP Cmnd_Alias?
bash-2.03$ sudo /opt/image/informix/informix/bin/onstat -l
Password:
2. Even when I do provide the password, the command fails with the
following message:
bash-2.03$ sudo /opt/image/informix/informix/bin/onstat -l
Password:
Sorry, user user2 is not allowed to execute
'/opt/image/informix/informix/bin/onstat -l' as root on server1.
bash-2.03$
Can anyone see what I've done wrong here?
Thanks in advance for your help.
Loris
More information about the sudo-users
mailing list