sudo
Version
Version
sudo --version
Usage
Usage
Configuration & Logging
Configuration & Logging
Configuration is held in:
/etc/sudoers
You should edit this file with:
visudo
On OEL7, the sudo log is found in:/var/log/secure
On AIX, the sudo log is found in:/var/log/sudo.log
On AIX, the sudo log is found in:/var/log/sudo.log
e.g.
cat secure | grep patcher
Apr 28 17:25:22 delphi sudo: oracle : TTY=pts/0 ; PWD=/mnt/u01/dba/patcher ; USER=root ; COMMAND=/u01/dba/patcher/perms.shApr 28 17:25:46 delphi sudo: oracle : command not allowed ; TTY=pts/0 ; PWD=/mnt/u01/dba/patcher ; USER=root ; COMMAND=/bin/ls
Running commands as non-login users
Running commands as non-login users
For example, when you install MySQL/Percona Server using yum, by default you get a 'mysql' user with a login shell of /bin/false. It seems like good security to keep things like this. But, what can you do if you need to run something as 'mysql', like cron scheduling a backup? ...
sudo -u mysql -s crontab -l
Examples
Examples
Add a user to the sudo group to allow them to run any command...
usermod -a -G sudo myuser
Assumes this default line is present in /etc/sudoers...%sudo ALL=(ALL:ALL) ALLAdd this line to the /etc/sudoers file (using visudo) to allow user 'oracle' to run /u01/dba/patcher/perms.sh as 'root' on the host 'delphi' without needing a password...
oracle delphi = (root) NOPASSWD: /u01/dba/patcher/perms.sh
Bibliography
Bibliography