If a non-sudo user tries to use the sudo command, it is logged as a security event. The user can run commands with elevated privileges for a short time (default 15 minutes). Now tom can su oracle and if you need to give other users the same access, add them to oracle group. Syntax To start using sudo, use the following syntax: sudo command When the sudo command is used, a timestamp is entered in the system logs. This will allow any user that is part of the to su add auth rule lines so the section looks like this: # This allows root to su without passwords (normal operation)Īuth pam_succeed_if.so user = Īuth sufficient pam_succeed_if.so use_uid user ingroup Now edit /etc/pam.d/su and under the following: # This allows root to su without passwords (normal operation) Note: In your case, you already have the group because oracle group would have been created when you made the oracle user with adduser oracle. The SU just needs to place your normal user account in the sudoers group, and then youre allowed by the system to use the sudo command. The group changes might not take affect until next login. Usermod -a -G (or usermod -a -G oracle tom). Then add that group to each user that you want to be able to su to that user without a password: (Don't laugh, we don't need anything fancy.) I tried login tina and that didn't work. I would like to be able to login as another user, like 'tina', so I can test her sudoer permissions. In my situation I needed to allow multiple users to su to a specific user.Ĭreate a group using addgroup that other users will be able to su to without a password. 2 Redhat Enterprise Linux 5.10 (No we can't upgrade.) This is related to my other question. It does not grant the privileges that apt-get needs to operate as that needs the effective root permissions that just running sudo apt-get would provide. I needed to do this to a system recently and had a hard time finding my notes on the alternate setup i used years ago that also allowed the syntax su. Sudoers privilege only permits a user that is logged in to use sudo and to define what they can or cannot do with the sudo command. Follow the steps below to create a new user account and give it sudo access. For instance, I'd like to allow Tom the DBA to su to the oracle user, but not to the tomcat user or root.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |