Recipe 5.3 Running Commands as Another User via sudo
5.3.1 Problem
You want one user to run commands as
another, without sharing passwords.
5.3.2 Solution
Suppose you want user smith to
be able to run a given command as user jones.
/etc/sudoers:
smith ALL = (jones) /usr/local/bin/mycommand
User smith runs:
smith$ sudo -u jones /usr/local/bin/mycommand
smith$ sudo -u jones mycommand If /usr/local/bin is in $PATH
User smith will be prompted for his own password, not
jones's. The
ALL keyword, which matches anything,
in this case specifies that the line is valid on any host.
5.3.3 Discussion
sudo exists for this very reason!
To authorize root privileges for smith, replace
"jones" with
"root" in the above example.
5.3.4 See Also
sudo(8), sudoers(5).
|