sudo command is a program for some Unix and Unix-like computer operating systems that allows users to run programs with the security privileges of another user (normally the superuser, or root)
Now monitor user can run above command as dba
$sudo -u dba /usr/local/bin/dbstop.sh
Here I explain how to edit sudoers file for granting access to another user (say monitor) to stop and start database (its a part of dba user privilege)
Stop and start scripts (/usr/local/bin/dbstop.sh and /usr/local/bin/dbstart.sh) are owned by dba user and only dba has the privileges to run it.
This is the sudo settings for monitor user to run above script as dba user.
Cmnd_Alias DBcmd=/usr/local/bin/dbstop.sh,/usr/local/bin/dbstart.sh
Runas_Alias DBAUSER=dba
monitor ALL = (DBAUSER) NOPASSWD: DBcmd
Now monitor user can run above command as dba
$sudo -u dba /usr/local/bin/dbstop.sh
No comments:
Post a Comment