[sudo-users] Runas Query.
kevinshortt at gmail.com
Mon Mar 19 10:46:30 EDT 2012
What does "sudo -l" say?
And another glaring question: Why are you using sudo to run a script as
the same user?
Your error states "user tia is not allowed.." and you have the "runas" i.e
(tia) set to tia.
On Mon, Mar 19, 2012 at 7:13 AM, <Gary.Haden at saga.co.uk> wrote:
> We're getting the following message when trying to run a sudo command -
> Sorry, user tia is not allowed to execute
> '/saga/opt/TIA/dev1/object/pgm/backgr/shl/F1095.shl' as root on draco.
> However we want it to run as user tia (not root) and the line in the
> sudoers file reflects this -
> TD2GRP DRACO=(tia) /usr/local/setuids/tiadaemon2,
> These are the other parameters we have in the file -
> Host_Alias DRACO = draco
> User_Alias TIAGRP = devaxs, devupg
> User_Alias ORAGRP = devaxs, devupg
> User_Alias TD2GRP = devaxs, devupg, tia
> Defaults !authenticate
> Defaults:TIAGRP runas_default=tia
> root ALL=(ALL) ALL
> TIAGRP DRACO=
> (tia) /saga/app/oracle/forms_gen/fgen_tia,
> ORAGRP DRACO=
> (oracle) /saga/app/oracle/proc_gen/proc.shl, /saga/bin/remote_forms.sh
> oracle DRACO=
> (root) /saga/app/oracle/forms_gen/fix_fmx,
> /saga/app/oracle/forms_gen/fix_file, /saga/app/oracle/class_gen/fix_class,
> TD2GRP DRACO=
> (tia) /usr/local/setuids/tiadaemon2,
> Any ideas what needs to be added/removed/changed?
> The /usr/local/setuids/tiadaemon2 which is on the same line works and the
> only differences are in the owner and permissions so should I be changing
> -rwxr--r-- 1 tia dev 764 28 Jun
> 2006 /saga/opt/TIA/dev1/object/pgm/backgr/shl/F1095.shl
> -rwxr-xr-x 1 root system 3764 16 Mar
> 08:53 /usr/local/setuids/tiadaemon2
> Please consider the environment before printing this email
> The opinions expressed in this e-mail are those of the individual and not
> necessarily the company. This e-mail and attachment[s] are confidential to
> the sender and are solely for use by the intended recipient.
> Saga Services Limited: Company Registration No. 732602
> Saga Publishing Limited: Company Registration No. 2152564
> The above companies are wholly owned subsidiaries of Saga Group Limited.
> Saga Holidays is a registered trading name of Acromas Holidays Limited:
> Company Registration No. 2174052
> Saga Shipping is a registered trading name of Acromas Shipping Limited:
> Company Registration No. 3267858
> Saga Personal Finance is a registered trading name of Acromas Financial
> Services Limited: Company Registration No. 3023493
> Saga Group Limited: Company Registration No. 638891
> All companies registered at: Enbrook Park, Sandgate, Folkestone, Kent CT20
> Saga Charitable Trust is a UK registered charity No. 291991
> Saga Services Limited is authorised and regulated by the Financial
> Services Authority.
> Acromas Financial Services Limited is authorised and regulated by the
> Financial Services Authority.
> Acromas Holidays Limited is an appointed representative of Automobile
> Association Insurance Services Limited which is authorised and regulated by
> the Financial Services Authority.
> Acromas Insurance Company Limited is authorised by the Financial Services
> Commission, Gibraltar.
> This e-mail and attachment[s] has been scanned for the presence of
> computer viruses. Saga accept no responsibility for computer viruses once
> this e-mail has been transmitted.
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
More information about the sudo-users