
Monday 11 April 2011

sudo configuration on Solaris shared zones

 

Because /usr is read-only in a shared zone, the sudo configuration cannot be changed from within the zone. Run the visudo command from the global zone for the tasks below.

1. Create an alias for each zone with its corresponding hostname.

Host_Alias ZONE1=zone1.example.com
Host_Alias ZONE2=zone2.example.com

2. Use the aliases above in each user line, as below (user1 has privileges for the commands below on zone1, and user2 on zone2). The user must also exist in the global zone.

user1 ZONE1=NOPASSWD:/usr/bin/passwd, /usr/sbin/useradd, /usr/sbin/usermod
user2 ZONE2=NOPASSWD:/usr/bin/passwd, /usr/sbin/useradd, /usr/sbin/usermod
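
An added example, not part of the original post: because one sudoers file in the global zone serves every zone, a mistyped alias name changes which zone a rule applies to, so this check reports Host_Alias names that are defined twice or referenced without a definition. The function name `check_host_aliases`, the `AWK` variable and the sample files are assumptions made for this example.

```shell
# Added example: check Host_Alias bookkeeping in a sudoers fragment.
# On Solaris, set AWK=nawk (or /usr/xpg4/bin/awk); the old /usr/bin/awk
# lacks sub() and the "in" operator.
AWK=${AWK:-awk}

# check_host_aliases FILE
# Prints one finding per line; exit status is 1 if anything was found.
check_host_aliases() {
    "$AWK" '
    /^[ \t]*#/ || /^[ \t]*$/ { next }            # comments, blank lines
    $1 == "Host_Alias" {                         # Host_Alias NAME=host,...
        name = $0
        sub(/^[ \t]*Host_Alias[ \t]+/, "", name)
        sub(/[ \t]*=.*/, "", name)
        if (name in defined) {
            print "duplicate Host_Alias " name " (line " NR ")"
            bad = 1
        }
        defined[name] = NR
        next
    }
    $1 ~ /^(User_Alias|Runas_Alias|Cmnd_Alias|Defaults)/ { next }
    NF >= 2 {                                    # user HOST=commands
        host = $2
        sub(/=.*/, "", host)
        # Assumption: an upper-case host field other than ALL is meant as an alias.
        if (host ~ /^[A-Z][A-Z0-9_]*$/ && host != "ALL") used[host] = NR
    }
    END {
        for (h in used) if (!(h in defined)) {
            print "undefined Host_Alias " h " (line " used[h] ")"
            bad = 1
        }
        exit bad
    }' "$1"
}

# Constructed samples: "bad" reuses one alias name and references a missing one.
tmp=$(mktemp -d)
cat > "$tmp/bad" <<'EOF'
Host_Alias ZONE1=zone1.example.com
Host_Alias ZONE1=zone2.example.com
user1 ZONE1=NOPASSWD:/usr/bin/passwd, /usr/sbin/useradd, /usr/sbin/usermod
user2 ZONE2=NOPASSWD:/usr/bin/passwd, /usr/sbin/useradd, /usr/sbin/usermod
EOF
sed '2s/ZONE1/ZONE2/' "$tmp/bad" > "$tmp/good"

check_host_aliases "$tmp/bad" || echo "fix the findings above before installing"
check_host_aliases "$tmp/good" && echo "good: aliases consistent"
```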
