[sudo-users] special sudo definition assistance
Dagg Stompler
daggs at gmx.com
Tue Aug 21 15:11:16 EDT 2012
Hello to all,
I have a special scenario that I need to work with and I thought using sudo for that.
I have two files, executor an executor.db in ~ateam_boss. executor updates the content executor.db and both files are 775 and of user and group ateam_boss.
I have a couple of users in group ateam which need to run executor, the issue is, that I need to run executor as part of group ateam_boss to be able to update the db file a as the SUDO_USER because executor is an SDL program and it doesn't work on user ateam_boss.
I've tried the following entries:
%ateam ALL = NOPASSWD: /home/ateam_repo/executor
%ateam ALL =(%ateam_boss) NOPASSWD: /home/ateam_repo/executor
but it didn't worked, I got this far:
dagg at NCC-5001-D ~ $ sudo -u ${USER} -g ateam_boss /home/ateam_repo/executor
Password:
Sorry, user dagg is not allowed to execute '/home/ateam_repo/executor' as dagg:ateam_boss on NCC-5001-D.
dagg at NCC-5001-D ~ $ sudo -u ${USER} /home/ateam_repo/executor
Sorry, user dagg is not allowed to execute '/home/ateam_repo/executor' as dagg on NCC-5001-D.
is it possbile to do what need? if so, what am I doing wrong?
Thanks.
More information about the sudo-users
mailing list