[sudo-users] Users and Groups aliases?

David Barr dafydd at dafydd.com
Fri Oct 4 11:47:20 MDT 2013

Good Morning!

I'm stuck on sudo 1.7.2p1 off of Oracle EL 5 (which is customized RHEL 5).

Looking at the sudoers man page on the host, I can create

User_Alias   SERVICEACCT = svcuser
Runas_Alias  SVCUSERS = user1, user2
Runas_Alias  SVCGROUPS = group1, group2
Cmnd_Alias   SVCCMDS = command1, command2 arguments2

But, apparently, I can't use both SVCUSERS and SVCGROUPS. If I try this:


with visudo, I get

visudo: Warning: unused Runas_Alias SVCGROUPS

Is that deliberate? May I only tell a service account what users it can run as?

This is related to automating some processes for the Oracle team (which is to say I don't have good visibility into exactly what they're doing). They tell me that they need to do things as oracle:oper, or oracle:dba, or grid:asmadmin, or whatever.



David - Offbeat		http://dafydd.livejournal.com
dafydd - Online		http://pgp.mit.edu/
Battalion 4 - Black Rock City Emergency Services Department


Rene Descartes walks into his neighborhood watering hole. The publican sees him and asks, "Will you have your usual, sir?"

Descartes ponders a moment and replies, "I think not."

And promptly disappears...

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: </pipermail/sudo-users/attachments/20131004/0aff24ce/attachment.bin>

More information about the sudo-users mailing list