[sudo-users] Configuring the sudoers file for a DBA
Stephen Carville
scarville at landam.com
Mon Dec 15 11:52:10 EST 2008
On Monday 15 December 2008 03:59, Chris.Schrimshaw at kub.org wrote:
> I need to give access to one of our DBA's to run chfs inside smitty so he
> can add space to his file system.
> I want to remove his root access later, but for now, I want to set it up
> so he can run chfs using smitty, get him used to using it and then yank
> his root access. What is the best way to set this up using the sudoers
> file?
Long time since I had to support AIX but, IIRC, SMIT is just a wrapper that
calls system utilities via a shell to do the actual work. So if oracleguy
runs SMIT as himself then something like this might work:
oracleguy ALL=(root) NOPASSWD:/usr/bin/chfs
> ABC03537 ALL = (root) NOPASSWD: /usr/bin/su - root (but some
> how add------- /usr/sbin/chfs)
--
Stephen Carville <scarville at landam.com>
Systems Engineer
Land America
1.626.667.1450 X1326
============================================================
Any security software design that doesn't assume the enemy
possesses the source code is already untrustworthy.
-- Eric Raymond
More information about the sudo-users
mailing list