[sudo-users] How userA can run userB's script
erwin_hom at filemaker.com
Mon May 4 20:07:13 EDT 2009
I tried your recommendation but couldn't get it to work.
I'm using Mac OS X (10.5.5).
Here's what I did:
1. Created usera. Password: abc
2. Created userb. Password: xyz
3. added the following entry in /etc/sudoers:
* Defaults:userb targetpw
4. Logged in as userb and created a shell script (echo "hello, this is
Set the permission of the shell script to be runnable only by the userb.
5. Logged in as usera and attempted to execute shell script as userb
with the following
commandLine: "sudo -u userb userbscript.sh"
I entered userb's password when prompted.
This is the message that sudo displayed:
"usera is not in the sudoers file. This incident will be reported."
What did I do wrong? Did I miss a step along the way?
On Apr 28, 2009, at 7:14 AM, Todd C. Miller wrote:
> In message <20FCEE8F-485C-4227-B823-F823BBE55827 at filemaker.com>
> so spake (erwin_hom):
>> There is a setting in sudoers which lets you use the target user's
>> password, i.e.
>> Defaults targetpw
>> But it seems to be a default behavioral change of 'sudo' that affects
>> every users, not just userA, right?
> Correct. However, you can bind that option specifically to userA.
> Defaults:userA targetpw
> and then whenever userA runs sudo he/she will need to use the
> password of the user the command is being run as.
> - todd
More information about the sudo-users