Search This Blog

Monday, 5 July 2010

sudo to run as another non root user

sudo command is a program for some Unix and Unix-like computer operating systems that allows users to run programs with the security privileges of another user (normally the superuser, or root)

Here I explain how to edit sudoers file for granting access to another user (say monitor) to stop and start database (its a part of dba user privilege)

Stop and start scripts (/usr/local/bin/ and /usr/local/bin/ are owned by dba user and only dba has the privileges to run it.

This is the sudo settings for monitor user to run above script as dba user.

Cmnd_Alias DBcmd=/usr/local/bin/,/usr/local/bin/
Runas_Alias  DBAUSER=dba 
monitor     ALL   = (DBAUSER) NOPASSWD: DBcmd

Now monitor user can run above command as dba

$sudo -u dba /usr/local/bin/

No comments:

Post a Comment