[sudo-users] allow one user to run commands as another (ie: sudo -u other_user command) in sudoers

Robin Holt holt at sgi.com
Sun Feb 22 00:21:55 EST 2009

On Thu, Feb 19, 2009 at 04:06:07PM -0800, ivar vasara wrote:
> Hi all,
> I've been browsing the sudo-user archives for solutions to my problem and
> have found a few promising recent threads, but nothing exactly what I'm
> looking for. The sudoers man page looks promising, but a solution is far
> from clear for my quandry.
> I would like to allow the 'www-data' user to run commands as the
> 'capistrano' user without requiring a password, and without dropping to
> capistrano's shell (ie: not using 'su'). My attempts have all failed, and so
> far my best guess is the following clause in /etc/sudoers :
> www-data ALL=NOPASSWD: /usr/bin/sudo -u capistrano

I am not sure this is what you want, but I just did

www-data	ALL=(ALL) NOPASSWD: /bin/su - capistrano

and it did what I think you are asking for.


More information about the sudo-users mailing list