- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- sudo question
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-03-2009 05:36 PM
тАО06-03-2009 05:36 PM
sudo question
On one of our HP-UX 11.11 servers I have sudo configured to allow user joe to execute script /opt/submit as user ivan.
User joe executes the following command as himself and enters his password when prompted.
$ sudo -u ivan /opt/submit
The /opt/submit script requires ivan's environment variables to execute properly but when joe executes this command it's using his environment variables and not ivan's.
How would I address this?
By the way we're running sudo version 1.6.3.
Thanks in advance.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-03-2009 07:13 PM
тАО06-03-2009 07:13 PM
Re: sudo question
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-03-2009 08:17 PM
тАО06-03-2009 08:17 PM
Re: sudo question
sudo -u ivan ". ~ivan/.profile; /opt/submit"
but you will have to change the sudoers file.
or
sudo su - ivan /opt/submit
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-03-2009 09:11 PM
тАО06-03-2009 09:11 PM
Re: sudo question
You can try this ,
#sudo -i -u ivan /opt/submit
Rgds
Johnson
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-03-2009 09:28 PM
тАО06-03-2009 09:28 PM
Re: sudo question
If a script requires a specific environment, set it in the script. Never trust that the users environment will be correct. By setting the environment in the script, you KNOW it will always be correct.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-03-2009 10:16 PM
тАО06-03-2009 10:16 PM
Re: sudo question
Please list of who can run what
/etc/sudoers
thanks and regards
Sajjad Sahir
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-04-2009 11:44 PM
тАО06-04-2009 11:44 PM
Re: sudo question
sudo su - ivan -c "/opt/submit"
do gain this acces you need to change the sudo config:
joe ALL=(ALL) PASSWD:/usr/bin/su - ivan -c /opt/submit
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-05-2009 02:16 AM
тАО06-05-2009 02:16 AM
Re: sudo question
I guess that you could also set the Defaults for user joe by setting env_keep in sudoers and listing which of joe's environment variables which would otherwise be unset (apart from LOGNAME, HOME etc. even when invoked as "sudo -i -u joe /opt/submit".
Though I haven't tried it, it might work.
As root run visudo.
Then add this to your sudoers:
Defaults:joe env_keep="JOES_ENV_VAR1 JOES_ENV_VAR2...JOES_ENV_VARN"
Substitute JOES_ENV_VAR? above by those variables of joe's login environment that you wish to be preserved. The variables in the double quotes need to be delimited by whitespace.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-05-2009 02:21 AM
тАО06-05-2009 02:21 AM
Re: sudo question
But I guess you can gather how it's meant.
Also the line break of my Deafults line shouldn't appear in the sudoers file. this was only caused by the webserver after having submitted my reply.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-05-2009 12:01 PM
тАО06-05-2009 12:01 PM
Re: sudo question
We upgraded sudo from version 1.6.3 (which didn't have the "-i" option - simulate initial login) to version 1.7.1 (which does have the "-i" option). We also had to add the korn shell /usr/bin/ksh to /etc/sudoers.
Once that was done, user joe could execute the /opt/submit script as ivan with ivan's environment variables by running the following:
$ sudo -i -u ivan /opt/submit
Thanks again for the help.