HPE Community
Operating System - HP-UX
1847195 Members
7110 Online
110263 Solutions
New Discussion

SUDO in

 
SOLVED
Go to solution
HPquestion
Regular Advisor

‎12-24-2007 09:56 AM

‎12-24-2007 09:56 AM

SUDO in

We have HP-UX B.11.23 U ia64.From where should I install sudo?

Also any help on SUDO Installation , SUDO upgrade and removal is really apprecaited.

Thanks a lot!
0 Kudos
Reply
29 REPLIES 29
David Bellamy
Respected Contributor

‎12-24-2007 10:13 AM

‎12-24-2007 10:13 AM

Solution

Re: SUDO in

You can get sudo from this site already and depot format.

http://hpux.cs.utah.edu/hppd/hpux/Sysadmin/sudo-1.6.8p12/
Reply
David Bellamy
Respected Contributor

‎12-24-2007 10:14 AM

‎12-24-2007 10:14 AM

Re: SUDO in

You can get sudo from this site already in depot format.

http://hpux.cs.utah.edu/hppd/hpux/Sysadmin/sudo-1.6.8p12/
Reply
HPquestion
Regular Advisor

‎12-24-2007 10:38 AM

‎12-24-2007 10:38 AM

Re: SUDO in

Thanks! Is it an HP site ? I heard HP has some express site to use. Please let me know that that link .

Also how easy is to remove SUDO if it doesn't work for some reason?
0 Kudos
Reply
David Bellamy
Respected Contributor

‎12-24-2007 11:08 AM

‎12-24-2007 11:08 AM

Re: SUDO in

Yes, it's the HP Porting and Archive site you will be able to find a lot of good software there. and using the software in depot format makes it easy to install and remove using the swinstall/swremove commands.
Reply
Patrick Wallek
Honored Contributor

‎12-24-2007 04:08 PM

‎12-24-2007 04:08 PM

Re: SUDO in

I think you are thinking of HP's Internet Express bundle of software. SUDO is part of Internet Express.

The Internet Express site for HP-UX 11i V2 / 11.23 is:

http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1123

Reply
HPquestion
Regular Advisor

‎12-25-2007 09:05 AM

‎12-25-2007 09:05 AM

Re: SUDO in

Thank you guys! I really appreciate all your help on this.
Looks like http://hpux.cs.utah.edu/hppd/hpux/Sysadmin/sudo-1.6.8p12/ has
sudo-1.6.8p12. Is it the right version to use? How to install a depot package using
swinstall/swremove . Please let me know the steps.

Other site specifified by Patric has ixSudo_A.10.00-1.6.9p8.001_HP-UX_B.11.23_IA_PA.depot.
Which one is stable version? Looks like 1.6.9p8 is latest.
Also do I have to install HP-UX Internet Express A.10.00 in order to get SUDO?
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎12-25-2007 09:19 AM

‎12-25-2007 09:19 AM

Re: SUDO in

You do NOT have to install the entire Internet Express package to get sudo. You can download and install individual pieces.

Have a look at the swinstall man page to learn how to install sowftware.
Reply
HPquestion
Regular Advisor

‎12-25-2007 11:42 AM

‎12-25-2007 11:42 AM

Re: SUDO in

Thanks Patrick! Which SUDO version do you recomend? If I install ixSudo_A.10.00-1.6.9p8.001_HP-UX_B.11.23_IA_PA.depot by using swinstall , will it install just sudo or will it include other part of the package as well?
0 Kudos
Reply
HPquestion
Regular Advisor

‎12-26-2007 06:50 PM

‎12-26-2007 06:50 PM

Re: SUDO in

Please let me know :-) Thanks!
0 Kudos
Reply
HPquestion
Regular Advisor

‎12-26-2007 07:12 PM

‎12-26-2007 07:12 PM

Re: SUDO in

I did
swinstall -s /tmp/sudo-1.6.8p12-ia64-11.23.depot to install sudo depot. The below log (swagent.log) said it suceeded .But I am not able to locate any sudo file in the system. Am I missing some thing?

---
* Summary of Analysis Phase:
* 1 of 1 filesets had no Errors or Warnings.
* The Analysis Phase succeeded.


* Beginning the Install Execution Phase.
* Filesets: 1
* Files: 17
* Kbytes: 740
* Installing fileset "sudo.sudo-RUN,r=1.6.8p12" (1 of 1).
* Running install clean command /usr/lbin/sw/install_clean.
NOTE: tlinstall is searching filesystem - please be patient
NOTE: Successfully completed

* Beginning the Configure Execution Phase.

* Summary of Execution Phase:
* 1 of 1 filesets had no Errors or Warnings.
* The Execution Phase succeeded.
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎12-26-2007 11:25 PM

‎12-26-2007 11:25 PM

Re: SUDO in

>I am not able to locate any sudo file in the system.

Where did you look?
To find the files you installed you can do:
swlist -l file sudo

(sudo is the SD product on the log.)
Reply
F Verschuren
Esteemed Contributor

‎12-26-2007 11:33 PM

‎12-26-2007 11:33 PM

Re: SUDO in

swlist -l file sudoers, wil give you the sudo file.
to eddit
use "visudo"
you can lokate this via:
swlist -l file visudo.

Reply
Dennis Handly
Acclaimed Contributor

‎12-26-2007 11:49 PM

‎12-26-2007 11:49 PM

Re: SUDO in

>F Verschuren: swlist -l file sudoers
swlist -l file visudo

Neither of these will work if you didn't install a sudoers or visudo SD product.
Did you mean to use ... | grep sudoers ??
If so, this is lots slower than if you can list the SD product or fileset.

If the sudo product puts itself in some $PATH that isn't in /etc/PATH, you may have to re-login.
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎12-26-2007 11:58 PM

‎12-26-2007 11:58 PM

Re: SUDO in

You haven't assigned points to any of your responses since you joined the forum. If you are happy with your answers please read the following on how to assign points:
http://forums11.itrc.hp.com/service/forums/helptips.do?#33
0 Kudos
Reply
HPquestion
Regular Advisor

‎12-27-2007 06:04 AM

‎12-27-2007 06:04 AM

Re: SUDO in

Thanks for all your help on this.

I don't see sudoers files or sudo executables..

ricr3tst@/>swlist -l file visudo
# Initializing...
# Contacting target "ricr3tst"...
ERROR: Software "visudo" was not found on host "ricr3tst:/".
ricr3tst@/>visudo
sh: visudo: not found.
ricr3tst@/>sudo
sh: sudo: not found.
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎12-27-2007 06:10 AM

‎12-27-2007 06:10 AM

Re: SUDO in

Try what Dennis said:

swlist -l file sudo

(When using swlist you MUST use a product name as an argument NOT a file name. The command above says to list all files associated with the product sudo.)
0 Kudos
Reply
HPquestion
Regular Advisor

‎12-27-2007 06:23 AM

‎12-27-2007 06:23 AM

Re: SUDO in

Thanks again! Looks like they ended up at /usr/local.
Can I put the executable in /usr/bin?
Also how to configure sudoers file in /etc folder and sudolog in some desired location? Please help.

>swlist -l file sudo
# Initializing...
#
# sudo 1.6.8p12 sudo
# sudo.sudo-RUN
/usr/local/bin/sudo
/usr/local/doc/sudo/BUGS
/usr/local/doc/sudo/CHANGES
/usr/local/doc/sudo/HPUX.Install
/usr/local/doc/sudo/INSTALL
/usr/local/doc/sudo/LICENSE
/usr/local/doc/sudo/README
/usr/local/doc/sudo/TODO
/usr/local/libexec/sudo_noexec.a
/usr/local/libexec/sudo_noexec.la
/usr/local/libexec/sudo_noexec.so
/usr/local/man/man1m/sudo.1m
/usr/local/man/man1m/visudo.1m
/usr/local/man/man4/sudoers.4
/usr/local/sbin/visudo
/usr/local/bin/sudoedit
/usr/local/man/man1m/sudoedit.1m
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎12-27-2007 06:46 AM

‎12-27-2007 06:46 AM

Re: SUDO in

>Can I put the executable in /usr/bin?

It depends if they have a hard coded location of files or shlibs.
Try using "ldd sudo" and see if any libs point to /usr/local/.

>Also how to configure sudoers file in /etc folder and sudolog in some desired location?

You might want to look at some of the documents in /usr/local/doc/sudo/.

And invoke the various man pages you just installed:
sudo(1m) visudo(1m) sudoers(4) sudoedit(1m)
Reply
HPquestion
Regular Advisor

‎12-27-2007 06:59 AM

‎12-27-2007 06:59 AM

Re: SUDO in

Thanks Dennis! Another dumb question.
How to add /usr/local/bin information in PATH variable. I checked .profile and it has the following lines. Is it advisable to append/edit PATH here? Where $PATH variable is defined actually ?

----
.profile lines

# Do not put "." in PATH; it is a potential security breach.
# Do not put "/usr/local/bin" in PATH; it is a potential security breach.
# Example assumes /home/root exists.
set +u
PATH=/usr/sbin:$PATH:/sbin:/home/root


----------------
ricr3tst@/>echo $PATH |more
/usr/sbin:/usr/bin:/usr/bin:/usr/ccs/bin:/usr/contrib/bin:/usr/contrib/Q4/bin:/opt/hparray/bin:/opt/nettladm/bin:/opt/fcms/bin:/usr/
contrib/kwdb/bin:/usr/bin/X11:/opt/graphics/common/bin:/opt/upgrade/bin:/opt/ipf/bin:/opt/resmon/bin:/opt/perf/bin:/opt/wbem/bin:/op
t/wbem/sbin:/opt/prm/bin:/opt/sas/bin:/opt/sec_mgmt/bastille/bin:/opt/dsau/bin:/opt/dsau/sbin:/opt/firefox:/opt/gnome/bin:/opt/ignit
e/bin:/opt/mozilla:/opt/perl/bin:/opt/sec_mgmt/spc/bin:/opt/ssh/bin:/opt/hpsmh/bin:/opt/thunderbird:/opt/gwlm/bin:/opt/sfm/bin:/usr/
contrib/bin/X11:/opt/hpnpl//bin:/sbin:/home/root
0 Kudos
Reply
HPquestion
Regular Advisor

‎12-27-2007 08:40 AM

‎12-27-2007 08:40 AM

Re: SUDO in

Never mind, I created links from /usr/bin , so that I don't have to update the PATH variable in .profile.

If I do
sudo su - root , looks like sudo.log doesn't capture the stuff I do after I logon to root account. Is there anyway to capture all the root activity connecting via sudo su - root ?
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎12-27-2007 04:30 PM

‎12-27-2007 04:30 PM

Re: SUDO in

>How to add /usr/local/bin information in PATH variable. I checked .profile and it has the following lines. Is it advisable to append/edit PATH here? Where $PATH variable is defined actually?

You can add it to /etc/profile for every user. Or edit each user's .profile.
Paths are also defined in /etc/PATH.

# Do not put "/usr/local/bin" in PATH; it is a potential security breach.

Well, this suggests you not use this for root.

>I created links from /usr/bin

That's probably fine.

>Is there anyway to capture all the root activity connecting via sudo su - root?

Once you do su, you are in a different shell and ARE root. You may want to set up sudo to do individual commands and not su.
0 Kudos
Reply
HPquestion
Regular Advisor

‎12-28-2007 12:41 PM

‎12-28-2007 12:41 PM

Re: SUDO in

I am trying execute the command as "run as" user. Do we have any way to call a SUDO command so that user X can excute some command as user Y with Y's environment variables?

If I try something like below its not able to set the envirnment variable before executing the command and hence its failing.

$ sudo -u prdadm /usr/sap/PRD/SYS/exe/run/startsap
SAPSYSTEMNAME not set

0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎12-28-2007 10:56 PM

‎12-28-2007 10:56 PM

Re: SUDO in

>Do we have any way to call a SUDO command so that user X can execute some command as user Y with Y's environment variables?

I would assume there would be such an option.
From the manual, -i may do it.
http://www.sudo.ws/sudo/man/sudo.html

>it's not able to set the environment variable

You could write a wrapper script around startsap that sources .profile, then execute startsap.
Reply
HPquestion
Regular Advisor

‎12-29-2007 01:50 PM

‎12-29-2007 01:50 PM

Re: SUDO in

If I do
su -i prdadm /usr/sap/PRD/SYS/exe/run/startsap

it doesn't connect to prdadm. Instead it re-conects as root and trying to execute script name prdadm and causing errors.

My objectinve is to excute /usr/sap/PRD/SYS/exe/run/startsap script as prdadm user ( with the environment vairiables of prdadm) from an ordinary user. How can I do that?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.