HPE Community
Operating System - HP-UX
1759248 Members
2841 Online
108882 Solutions
New Discussion юеВ

how to give sudo access to a non-root user for non-root access

 
SOLVED
Go to solution
sanwin
Frequent Advisor

тАО11-28-2008 02:00 AM

тАО11-28-2008 02:00 AM

how to give sudo access to a non-root user for non-root access

Hi,
How to grant sudo access to a non-root user for a non-root user access.
eg: john needs sudo access for abhi user.

where abhi is another user.

how can we set this access. Please help me.

john -- primary group-- groupa
secondary group -- groupb, groupc.

abhi -- primary group abhi.

so how to put an entry visudo for the above requirement.

please help.

thanks!!

regards,
sanwin

0 Kudos
Reply
6 REPLIES 6
Analyst
Trusted Contributor

тАО11-28-2008 02:10 AM

тАО11-28-2008 02:10 AM

Re: how to give sudo access to a non-root user for non-root access

1.edit sudoers file, or give vi sudo.
2.add the user name in that.
if needed mention the commands that he can execute.
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

тАО11-28-2008 02:13 AM

тАО11-28-2008 02:13 AM

Re: how to give sudo access to a non-root user for non-root access

I suppose you could allow john to run a script that just does a "su - abhi".
This leaves the user there in a shell.
0 Kudos
Reply
Sagar Sirdesai
Trusted Contributor

тАО11-28-2008 02:31 AM

тАО11-28-2008 02:31 AM

Solution

Re: how to give sudo access to a non-root user for non-root access

Hi Sanwin
There are a few parameters you need to change one of them is RUN_AS
But I do not remember correcty.

Please send your sudoers file.

I can tell you which parameters to change
Reply
Ivan Krastev
Honored Contributor

тАО11-28-2008 02:49 AM

тАО11-28-2008 02:49 AM

Re: how to give sudo access to a non-root user for non-root access

Try this:

john ALL = (abni) NOPASSWD: ALL


and after that try like user john with:

$sudo -u abni whoami

regards,
ivan
0 Kudos
Reply
sanwin
Frequent Advisor

тАО11-28-2008 02:50 AM

тАО11-28-2008 02:50 AM

Re: how to give sudo access to a non-root user for non-root access

hi all,

thanks for the replies. I think the last reply from you did give me a clue to use run_alias. i am trying that but could find the syntax currently for that.

My sudo file does not have the example in that.

regards,
sanwin
0 Kudos
Reply
Matti_Kurkela
Honored Contributor

тАО11-28-2008 06:00 AM

тАО11-28-2008 06:00 AM

Re: how to give sudo access to a non-root user for non-root access

Ivan's syntax is correct.

The RUN_AS and other aliases are optional: they're useful if you need to e.g. allow several users to access one user.

For example:

User_Alias PRIVILEGEDUSER = john
Runas_Alias TARGETUSER = abhi
PRIVILEGEDUSER ALL=(TARGETUSER) NOPASSWD: ALL

If Paul joins the project and needs the same access as John, you can then change the User_Alias line to:

User_Alias PRIVILEGEDUSER = john, paul

The other two lines won't need to be changed.


As a reminder of the syntax, I sometimes write a comment like this in the sudoers file:

# Who Where = (As Who) does What

MK
MK
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.