[sudo-users] [sudo-workers] Installing Application without full sudo privilege
Brian L Farrell
blfarrell at ra.rockwell.com
Fri Feb 13 10:17:20 EST 2009
If you setup the server properly (system settings for shared memory etc,
account(s), group(s) etc). Then you only need root for the root.sh
script. You can create a script to do the equivalent of the root.sh
taking the oracle SID as an argument to do what you need done as root to
support oracle installs.
For information on analysis of locking down oracle you can check out
for more details.
Then the sudo configuration is really only configuring it so that all
dba's (controlled by a Unix group for simplicity) can run the oracle root
User_Alias DBALIST = %dbagroup
Cmnd_Alias DBA_RUNAS_ROOT_COMMANDS =
DBA ALL = (root) DBA_RUNAS_ROOT_COMMANDS
Hope this helps.
Asif Iqbal <vadud3 at gmail.com>
Sent by: sudo-workers-bounces at courtesan.com
02/13/2009 08:23 AM
sudo-users at sudo.ws, sudo-workers at sudo.ws
[sudo-workers] Installing Application without full sudo privilege
My application team needs to install Oracle on hosts. They are asking
for full sudo privilege, so that they can install app as root.
Is there a lesser privilege that you can suggest then
user ALL=(ALL) ALL
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
sudo-workers mailing list <sudo-workers at sudo.ws>
For list information, options, or to unsubscribe, visit:
More information about the sudo-users