SUMMARY: sudo version 1.6.7p5 : using -H -u options on Solaris 8
From: David Stapleton (nefarus_at_hotmail.com)
Date: 12/16/03
- Previous message: James Noyes: "Summary: Setting TWO ffb resolutions in OBP?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: sunmanagers@sunmanagers.org Date: Tue, 16 Dec 2003 08:45:40 +0000
Hi all,
Many thanks to those that responded, as expected all responses were helpful.
In essence, using the -H -u option only designates the homedir of the target
user but does NOT initialise any of the profile initialisation scripts such
as .profile, .login or whatever variant of the shell you are using.
Hence the variables, as was pointed out, were never lost, they weren't there
in the first place.
The solutions, in pretty much their original form, are as follows:
a) Use a command line syntax something like the following;
$ sudo su - oracle -c 'command to pass to oracle'
b) To set up an alias in the sudoers file something like the following;
alias orac 'sudo su - oracle -c'
This will allow you to do the thing that the user oracle requires while also
allowing access to oracle's $HOME, $PATH, etc. by using the following;
$ orac "<required command>"
Note the double quotes; since they are required for 'su - user -c', they are
also required for the orac alias.
c) To create shell wrapper scripts owned by the target secured user with
correct permissions set, etc. which have the required commands within them
as well as PATH variables, et al. The idea is to allow any other user, as
designated in the sudoers file who requires to use the command, to sudo to
the script and not the actual command.
Again thanks to all who responded - my original note is below.
Regards,
David S.
==== original, (relevant), note ====
Hi all (again),
I must apologise as my original example seems to have put the trust of the
question
into one of shell expansion rules and not what I really wanted to find out,
my fault for not thinking and for not giving a good example.
The main trust of my question is really this, when executing the command :
$ sudo -H -u oracle env
some of the variables are lost, for example, if I su to the oracle user
there is a CLASSPATH variable set which, as the oracle user I can see by
typing `echo $CLASSPATH` or I can also see it easily if I use the "env"
command as oracle and grep out CLASSPATH.
If I use the sudo command above while logged in as user X, I would expect
the output to be the same as if I used "env" as oracle.
Although some variables are correct, for example, when I use the above
command, the "env" output correctly tells me that the SUDO_USER is "X" and
that the USER is oracle BUT it doesn't pass over all variables, such as
CLASSPATH, etc. which are set up for oracle.
I hope that this is a little clearer and apologies for the stupid example.
(original note below) and I WILL summarise.
David S.
_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8.
http://join.msn.com/?page=features/junkmail
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
- Previous message: James Noyes: "Summary: Setting TWO ffb resolutions in OBP?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
