[sudo-users] Installing Application without full sudo privilege

Asif Iqbal vadud3 at gmail.com
Fri Feb 13 14:58:41 EST 2009 

On Fri, Feb 13, 2009 at 2:57 PM, Asif Iqbal <vadud3 at gmail.com> wrote:
> On Fri, Feb 13, 2009 at 2:56 PM, Makarand Dongare <mmdongare at gmail.com> wrote:
>> Just use root.sh without complete path as the oracle dba will need to
>> cd to the path and run as sudo ./root.sh. This way it should work
>> fine.
>
> very good idea !!

wait! that is actually bad idea. I can have a file /tmp/root.sh and
the content is exec bash
user can cd to /tmo and run ./root.sh. I think /usr/alias is a safer path

>
>>
>>
>> On 2/13/09, Asif Iqbal <vadud3 at gmail.com> wrote:
>>> On Fri, Feb 13, 2009 at 11:43 AM, Makarand Dongare <mmdongare at gmail.com>
>>> wrote:
>>>> First thing is that Oracle does not need to be installed as root.
>>>> There are couple of scripts that need to be run as rootpre.sh or
>>>> root.sh. Once you do that for app team, they do not need root access
>>>> for anything.
>>>> If you want to give them root access to run those scripts then give it as
>>>> below:
>>>>
>>>> oracle servername=(root) full-path-for-command
>>>
>>> What if the path name is differnet for different env? Can I do it like
>>> this /*/root.sh for path?
>>>
>>>>
>>>> Hope this helps.
>>>>
>>>> Makarand Dongare
>>>>
>>>>
>>>> On 2/13/09, Asif Iqbal <vadud3 at gmail.com> wrote:
>>>>> Hi All
>>>>>
>>>>> My application team needs to install Oracle on hosts. They are asking
>>>>> for full sudo privilege, so that they can install app as root.
>>>>>
>>>>> Is there a lesser privilege that you can suggest then
>>>>>   user ALL=(ALL) ALL
>>>>>
>>>>> Thanks
>>>>>
>>>>> --
>>>>> Asif Iqbal
>>>>> PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
>>>>> A: Because it messes up the order in which people normally read text.
>>>>> Q: Why is top-posting such a bad thing?
>>>>> ____________________________________________________________
>>>>> sudo-users mailing list <sudo-users at sudo.ws>
>>>>> For list information, options, or to unsubscribe, visit:
>>>>> http://www.sudo.ws/mailman/listinfo/sudo-users
>>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> Asif Iqbal
>>> PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
>>> A: Because it messes up the order in which people normally read text.
>>> Q: Why is top-posting such a bad thing?
>>>
>>
>
>
>
> --
> Asif Iqbal
> PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
> A: Because it messes up the order in which people normally read text.
> Q: Why is top-posting such a bad thing?
>



-- 
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

More information about the sudo-users mailing list