[sudo-users] allow one user to run commands as another (ie: sudo -u other_user command) in sudoers

ivar vasara ivar at oobik.com
Thu Feb 19 19:06:07 EST 2009

Hi all,

I've been browsing the sudo-user archives for solutions to my problem and
have found a few promising recent threads, but nothing exactly what I'm
looking for. The sudoers man page looks promising, but a solution is far
from clear for my quandry.
I would like to allow the 'www-data' user to run commands as the
'capistrano' user without requiring a password, and without dropping to
capistrano's shell (ie: not using 'su'). My attempts have all failed, and so
far my best guess is the following clause in /etc/sudoers :

www-data ALL=NOPASSWD: /usr/bin/sudo -u capistrano

I've also tried specifying commands at the end since ideally I could
restrict the commands available, but this is an internal server and just
being able to get www-data to run anything as capistrano would be great.

Thanks for your time.

More information about the sudo-users mailing list