[sudo-users] Pivot user for launching sqlplus
Michael W. Lucas
mwlucas at michaelwlucas.com
Tue Jun 25 11:12:30 MDT 2019
You might also check out env_file and restricted_env_file for nailing
environment variables in place.
On Tue, Jun 25, 2019 at 04:50:36PM +0200, Bram Mertens wrote:
> Also keep in mind that:
> Cmnd_Alias LOADPROFILE = /usr/bin/sh .profile
>
> Allows the user to *execute*, not source the script.
> This will effectively mean that the user will start a subshell that
> will have the right values but those values won't persist in the
> user's environment.
>
> HTH
>
> Bram
>
> On Tue, Jun 25, 2019 at 12:33 AM Todd C. Miller <Todd.Miller at sudo.ws> wrote:
> >
> > Commands run by sudo won't have the shell startup files sourced.
> > That is something that only happens for a login shell. You may be
> > able to achieve what you want by running:
> >
> > sudo -u superora -i sqlplus
> >
> > which will wrap the command in a login shell. This will
> > require that you allow the invoking user to run the target
> > user's shell, though.
> >
> > For example, assuming superora's shell is /bin/sh, this should work:
> >
> > User_Alias SUPERORA = user1, user2
> > SUPERORA ALL=(superora) /bin/sh -c sqlplus, /bin/sh -c sqlplus *
> >
> > Hope that helps.
> >
> > - todd
> > ____________________________________________________________
> > sudo-users mailing list <sudo-users at sudo.ws>
> > For list information, options, or to unsubscribe, visit:
> > https://www.sudo.ws/mailman/listinfo/sudo-users
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> https://www.sudo.ws/mailman/listinfo/sudo-users
--
Michael W. Lucas https://mwl.io/
author of: Absolute OpenBSD, SSH Mastery, git commit murder,
Immortal Clay, PGP & GPG, Absolute FreeBSD, etc, etc, etc...
More information about the sudo-users
mailing list