[sudo-users] Pivot user for launching sqlplus

Gabriel Menini GMenini at ose.com.uy
Mon Jun 24 14:37:36 MDT 2019 

Hi, there.


I managed to create a ``superora'' user to be invoked using sudo. The ``superora'' user will have to inherit some Oracle needed environment variables or, in case it can't, at least be able to load the .profile where such variables are being exported.
Also, there is an alias in /home/superora/.profile which points to the correct sqlplus binary.


This is what I have in sudoers file:


User_Alias    SUPERORA = user1, user2


Cmnd_Alias SQLPLUSBIN = /path/to/bin/sqlplus *
Cmnd_Alias LOADPROFILE = /usr/bin/sh .profile
Cmnd_Alias MYENVIRONMENT    = /usr/bin/env


SUPERORA ALL=(superora) SQLPLUSBIN, LOADPROFILE, MYENVIRONMENT






I run the command and it seems the binary is OK but environment variables aren't being loaded:


(user1 at orahost) /home/user1> sudo -u superora sqlplus
Password: 
Error 6 initializing SQL*Plus
SP2-0667: Message file sp1<lang>.msb not found
SP2-0750: You may need to set ORACLE_HOME to your Oracle software directory
(user1 at orahost) /home/user1> 




Any hints will be appreciated.
Thanks.


Regards,
--
Gabriel Menini
El presente correo y cualquier posible archivo adjunto están dirigidos únicamente al destinatario del mensaje y contiene información que puede ser confidencial. Si Ud. no es el destinatario correcto por favor notifique al remitente respondiendo anexando este mensaje y elimine inmediatamente el e-mail y los posibles archivos adjuntos al mismo de su sistema. Está prohibida cualquier utilización, difusión o copia de este e-mail por cualquier persona o entidad que no sean las específicas destinatarias del mensaje. OSE no acepta ninguna responsabilidad con respecto a cualquier comunicación que haya sido emitida incumpliendo nuestra Política de Seguridad de la Información y la Ley de Protección de Datos y Acción de Habeas Data Nº 18.331.

This e-mail and any attachment are confidential and are intended solely for the addressee(s). If you are not intended recipient please inform the sender immediately, answering this e-mail and delete it as well as the attached files. Any use, circulation or copy of this e-mail by any person or entity that is not the specific addressee(s) is prohibited. OSE is not responsible for any communication emitted without respecting our Information Security Policy and the Data Protection Act and Habeas Data Action No. 18.331.

More information about the sudo-users mailing list