https://community.hpe.com/t5/operating-system-linux/help-on-sudoers-and-runas-alias/m-p/4745130#M43455 Hi All,<BR /><BR />Thank you for your time. Request you to help with the sudoers issue I am facing.<BR /><BR /><BR />I am trying to make use of Runas_Alias feature of sudoers. Some how I am not able to. Hope someone can help me. Thanks in advance.<BR /><BR />I want the script /app2/run to be run as user "operator" when executed by the user engg. The /app2/run is just a sample script with "id" command in it for testing purpose. Anyways, here is the contents<BR /><BR /><BR />Code:<BR /><BR />$ cat run<BR />#!/bin/ksh<BR />echo "-----------------------------------------------"<BR />id<BR />echo "-----------------------------------------------"<BR /><BR /><BR />In /etc/sudoers, I have the following entry<BR /><BR /><BR />Code:<BR /><BR />#<BR />Runas_Alias OP=operator<BR />engg ALL = (OP) NOPASSWD: /app2/run<BR /><BR /><BR />I executed it using the -u option but no luck. I also tried giving the uid instead of username.<BR /><BR /><BR />Code:<BR /><BR />$ sudo -u operator ./run<BR />sudo: unable to execute /app2/run: Permission denied<BR /><BR /><BR />Is there anything I am doing wrong?<BR /><BR />Here is my unix box version<BR /><BR />Code:<BR /><BR />$ uname -a<BR />Linux flx1208 2.6.21_mvlcge510-pc_target-x86_em64t-Malban10-cge5 #1 SMP PREEMPT RT Thu Nov 18 07:12:50 CST 2010 x86_64 GNU/Linux<BR /><BR /><BR />Normal sudoers works, I mean if I have entry like<BR /><BR /><BR />Code:<BR /><BR />engg ALL = NOPASSWD: /app2/run<BR /><BR /><BR />And on execution<BR /><BR /><BR />Code:<BR /><BR />$ sudo ./run<BR />-----------------------------------------------<BR />uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),4(adm)<BR /><BR /><BR />-----------------------------------------------<BR /><BR /><BR />Thank You,<BR />Ahamed Fri, 28 Jan 2011 00:49:11 GMT ahamed.en 2011-01-28T00:49:11Z https://community.hpe.com/t5/operating-system-linux/help-on-sudoers-and-runas-alias/m-p/4745130#M43455 Hi All,<BR /><BR />Thank you for your time. Request you to help with the sudoers issue I am facing.<BR /><BR /><BR />I am trying to make use of Runas_Alias feature of sudoers. Some how I am not able to. Hope someone can help me. Thanks in advance.<BR /><BR />I want the script /app2/run to be run as user "operator" when executed by the user engg. The /app2/run is just a sample script with "id" command in it for testing purpose. Anyways, here is the contents<BR /><BR /><BR />Code:<BR /><BR />$ cat run<BR />#!/bin/ksh<BR />echo "-----------------------------------------------"<BR />id<BR />echo "-----------------------------------------------"<BR /><BR /><BR />In /etc/sudoers, I have the following entry<BR /><BR /><BR />Code:<BR /><BR />#<BR />Runas_Alias OP=operator<BR />engg ALL = (OP) NOPASSWD: /app2/run<BR /><BR /><BR />I executed it using the -u option but no luck. I also tried giving the uid instead of username.<BR /><BR /><BR />Code:<BR /><BR />$ sudo -u operator ./run<BR />sudo: unable to execute /app2/run: Permission denied<BR /><BR /><BR />Is there anything I am doing wrong?<BR /><BR />Here is my unix box version<BR /><BR />Code:<BR /><BR />$ uname -a<BR />Linux flx1208 2.6.21_mvlcge510-pc_target-x86_em64t-Malban10-cge5 #1 SMP PREEMPT RT Thu Nov 18 07:12:50 CST 2010 x86_64 GNU/Linux<BR /><BR /><BR />Normal sudoers works, I mean if I have entry like<BR /><BR /><BR />Code:<BR /><BR />engg ALL = NOPASSWD: /app2/run<BR /><BR /><BR />And on execution<BR /><BR /><BR />Code:<BR /><BR />$ sudo ./run<BR />-----------------------------------------------<BR />uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),4(adm)<BR /><BR /><BR />-----------------------------------------------<BR /><BR /><BR />Thank You,<BR />Ahamed Fri, 28 Jan 2011 00:49:11 GMT https://community.hpe.com/t5/operating-system-linux/help-on-sudoers-and-runas-alias/m-p/4745130#M43455 ahamed.en 2011-01-28T00:49:11Z https://community.hpe.com/t5/operating-system-linux/help-on-sudoers-and-runas-alias/m-p/4745131#M43456 Hi,<BR />$ sudo -u operator ./run<BR />sudo: unable to execute /app2/run: Permission denied<BR /><BR />This means operator user has no right to execute /app2/run file. Can you check the permissions of /app2/run?<BR /><BR />Regards. Fri, 28 Jan 2011 06:21:13 GMT https://community.hpe.com/t5/operating-system-linux/help-on-sudoers-and-runas-alias/m-p/4745131#M43456 Turgay Cavdar 2011-01-28T06:21:13Z https://community.hpe.com/t5/operating-system-linux/help-on-sudoers-and-runas-alias/m-p/4745132#M43457 Hi,<BR /><BR />Initially I didn't give permission for executing the script /app2/run for neither of the users - operator and engg. <BR /><BR />I thought the below line in /etc/sudoers would give the permission for the user operator to execute the script<BR /><BR />operatorALL = NOPASSWD: /app2/run<BR /><BR />And this line would give the permission for the user engg to execute and associating the Runas_Alias will make it execute as the user operator<BR /><BR />Runas_Alias OP=operator<BR />engg ALL = (OP) NOPASSWD: /app2/run<BR /><BR />But I guess I was wrong. Now when I gave the permission for the user operator to execute /app2/run, su -u operator /app2/run is successful when execute from engg user login.<BR /><BR />I hope now my understanding is correct or if there is any different concept altogether?<BR /><BR />Thanks a lot for the crucial clue :)<BR /><BR />regards,<BR />Ahamed. Fri, 28 Jan 2011 10:21:10 GMT https://community.hpe.com/t5/operating-system-linux/help-on-sudoers-and-runas-alias/m-p/4745132#M43457 ahamed.en 2011-01-28T10:21:10Z