[sudo-users] Granting users the ability to su to another user via sudo
Kevin Shortt
kevinshortt at gmail.com
Thu Sep 30 23:00:24 EDT 2010
So are we saying that the example ruleset provides the end user to ability
to run commands equivalent to "sudo su - username" while each command gets
logged to syslog? (via sudo -i...)
On Thu, Sep 23, 2010 at 9:35 AM, John Adams <jxadams at ualr.edu> wrote:
> That's exactly what I'll do. Thank you, Todd!
>
> On Thu, Sep 23, 2010 at 8:33 AM, Todd C. Miller
> <Todd.Miller at courtesan.com> wrote:
> > In message <0A75C8AF-A002-4226-8451-6F56F5808627 at ualr.edu>
> > so spake John Adams (jxadams):
> >
> >> My request actually specifies two different users to run as. Can I have
> two
> >> entries in sudoers, like this?
> >>
> >> %group ALL=(first_user_to_run_shell_as) /bin/bash
> >> %group ALL=(second_user_to_run_shell_as) /bin/bash
> >>
> >> Allowing, I assume, command line invocations like:
> >>
> >> sudo -i -u first_user_to_run_shell_as
> >
> > That will work, though you can also use a list of runas users like so:
> >
> > %group ALL=(first_user_to_run_shell_as, second_user_to_run_shell_as)
> /bin/bash
> >
> > - todd
> >
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
>
More information about the sudo-users
mailing list