[sudo-users] Pivot user for launching sqlplus

[Gabriel Menini]

That's great:


User_Alias SUPERORA = user1, user2
SUPERORA ALL=(superora) /usr/bin/ksh -c sqlplus, /usr/bin/ksh -c sqlplus *, /usr/bin/ksh -c env,  /usr/bin/ksh -c alias


(user1 at oraclehost) /home/user1> sudo -u superora -i env


worked fine, Oracle's env variables are correctly loaded as you said.






OTOH, the alias I set in the /home/superora/.profile:


alias sqlplus='/path/to/bin/sqlplus'


is not being loaded as the enviroment variables did:


(user1 at oraclehost) /home/user1> sudo -u superora -i alias 
Password: 
autoload='typeset -fu'
command='command '
functions='typeset -f'
hash='alias -t -'
history='fc -l'
integer='typeset -i'
local=typeset
nohup='nohup '
r='fc -e -'
stop='kill -STOP'
suspend='if [[ ${0#-} = $0 ]] ; then kill -STOP $$; else dspmsg -s 1 ksh.cat SUSPEND "suspend: cannot suspend login shell
"; fi '
type='whence -v'




I get this:
(user1 at oraclehost) /home/user1> sudo -u superora -i sqlplus usuario/clave                                             
Password: 
ksh: sqlplus:  not found


Regards,
--
Gabriel Menini


-----"Todd C. Miller" <Todd.Miller at sudo.ws> escribió: -----

>Para: "Gabriel Menini" <GMenini at ose.com.uy>
>De: "Todd C. Miller" <Todd.Miller at sudo.ws>
>Fecha: 24/06/2019 19:32
>Cc: sudo-users at sudo.ws
>Asunto: Re: [sudo-users] Pivot user for launching sqlplus
>
>Commands run by sudo won't have the shell startup files sourced.
>That is something that only happens for a login shell. You may be
>able to achieve what you want by running:
>
> sudo -u superora -i sqlplus
>
>which will wrap the command in a login shell. This will
>require that you allow the invoking user to run the target
>user's shell, though.
>
>For example, assuming superora's shell is /bin/sh, this should work:
>
>User_Alias SUPERORA = user1, user2
>SUPERORA ALL=(superora) /bin/sh -c sqlplus, /bin/sh -c sqlplus *
>
>Hope that helps.
>
> - todd
>
El presente correo y cualquier posible archivo adjunto están dirigidos únicamente al destinatario del mensaje y contiene información que puede ser confidencial. Si Ud. no es el destinatario correcto por favor notifique al remitente respondiendo anexando este mensaje y elimine inmediatamente el e-mail y los posibles archivos adjuntos al mismo de su sistema. Está prohibida cualquier utilización, difusión o copia de este e-mail por cualquier persona o entidad que no sean las específicas destinatarias del mensaje. OSE no acepta ninguna responsabilidad con respecto a cualquier comunicación que haya sido emitida incumpliendo nuestra Política de Seguridad de la Información y la Ley de Protección de Datos y Acción de Habeas Data Nº 18.331.

This e-mail and any attachment are confidential and are intended solely for the addressee(s). If you are not intended recipient please inform the sender immediately, answering this e-mail and delete it as well as the attached files. Any use, circulation or copy of this e-mail by any person or entity that is not the specific addressee(s) is prohibited. OSE is not responsible for any communication emitted without respecting our Information Security Policy and the Data Protection Act and Habeas Data Action No. 18.331.