[Freeipa-users] granular sudo commands
Martin Chamambo
chamambom at afri-com.net
Thu Apr 9 00:45:04 UTC 2015
For all my sudo commands i do sudo command_name_here ________________________________
From: freeipa-users-bounces at redhat.com [freeipa-users-bounces at redhat.com] on behalf of Craig White [CWhite at skytouchtechnology.com]
Sent: Thursday, April 09, 2015 1:52 AM
To: freeipa-users at redhat.com
Subject: [Freeipa-users] granular sudo commands
rpm -q sssd
sssd-1.11.6-30.el6_6.4.x86_64
rpm -q ipa-client
ipa-client-3.0.0-42.el6.x86_64
[test2.user at app001 ~]$ sudo su - weblogic
[sudo] password for test2.user:
Sorry, user test2.user is not allowed to execute '/bin/su - weblogic' as root on app001.stt.local.
[test2.user at app001 ~]$ sudo -l
[sudo] password for test2.user:
Matching Defaults entries for test2.user on this host:
requiretty, !visiblepw, always_set_home, env_reset, env_keep="COLORS
DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS", env_keep+="MAIL PS1
PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE
LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES", env_keep+="LC_MONETARY
LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL
LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY",
secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin, !requiretty
User test2.user may run the following commands on this host:
(ALL) sudo su - tomcat, sudo su – weblogic
How should the actual command be entered? I have tried…
Su – weblogic (ignore autocapitilization)
/bin/su – weblogic
Sudo su – weblogic
Sudo /bin/su – weblogic
But none seem to actually work
Craig White
More information about the Freeipa-users
mailing list