dropdown menu

SUDO install:

rpm -Uvh sudo*rpm               <--installing from rpm
visudo                          <--editing /etc/sudoers file

example:

ftpuser         ALL=(ALL)       NOPASSWD: ALL    <--which user, on which host, with or without pw, what command can run

cuteadm         ALL=(ALL)       NOPASSWD: /usr/sbin/iptrace, /usr/bin/startsrc, /usr/bin/stopsrc
(do not make too long line, put a line break ("\") if needed, otherwise I had problems)

su - ftpuser
sudo <scriptname>                <--he can run a script (if he were root)

-----------------------------

An example /etc/sudoers file:

# User alias specification
User_Alias      SYS_ADMIN=user1,user2,user3
User_Alias      USR_ADMIN=user4
User_Alias      GRP_ADMIN=user4

# Cmnd alias specification
Cmnd_Alias      ALFA01    =     /usr/local/ALFA01/local/bin/alfa01.sh

Cmnd_Alias      MON_CMNDS=/b10/app/mon/bb/bin/1_prog.sh, \
                /b10/app/mon/bb/bin/2_prog.sh, \
                /b10/app/mon/bb/bin/3_prog.sh, \

Runas_Alias     MON=user5

# User privilege specification
root    ALL=(ALL) ALL

SYS_ADMIN      ALL=NOPASSWD:ALL
USR_ADMIN      ALL= (ALL) NOPASSWD:ALFA01
GRP_ADMIN      ALL= (ALL) NOPASSWD: MON_CMNDS
##
# Override builtin defaults
##
Defaults               syslog=auth
Defaults               logfile=/var/log/sudo.log

8 comments:

  1. Where can I download sudo package for AIX 7.1 & the file should be in .bff

    Please adivce me ..

    Thanks in advance :-)

    ReplyDelete
    Replies
    1. I know only rpm fileset, which can be downloaded here: http://www-03.ibm.com/systems/power/software/aix/linux/toolbox/date.html
      I would ask IBM support if bff is needed

      Delete
    2. Thanks for your post :-)
      I found latest sudo version in offical sudo site..but I'm confused with sudo package ..
      http://www.sudo.ws/sudo/download.html
      sudo.1.8.6.8.aix53.pam.bff.gz
      sudo.1.8.6.8.aix53.lam.bff.gz
      I was confused with PAM & IAM
      Which package we need to install ..
      Any help ..it would be great :-)

      Delete
    3. I'm not familiar with this PAM and LAM, but probably this will help: http://www.feep.net/PAM/AIX/

      Delete
    4. Thank you very much :-)

      Delete
    5. which one you used PAM or IAM?

      Delete
  2. I am having an problem while running a script which requires su -

    The command that I need to run is -
    echo -e "* ACL_type NFS4\n s:(EVERYONE@): a rwpRWxDaAdcCos\n s:(OWNER@): a rwpRWxDaAdcCos\n s:(GROUP@): a rwpRWxDaAdcCos"|aclput /mount_ACL_233

    Now from root, the command is running fine on one of the NFS export which is connected to the AIX client, but the problem comes when i want to run this command from one particular user -

    bash-4.2# su - user_g -c "echo -e "* ACL_type NFS4\n s:(EVERYONE@): a rwpRWxDaAdcCos\n s:(OWNER@): a rwpRWxDaAdcCos\n s:(GROUP@): a rwpRWxDaAdcCos"|aclput /mount_ACL_233"
    bash: syntax error near unexpected token `('

    user_g is an user who has sufficient ACL rights to change the ACL of the mountpoint there. There is no other error/problem from me related to permission of the user. Just I am unable to get how to get the actual error-free single command line for this?

    I have tried it with that user only and it passed. But I want to run the whole command in single line. Can anyone help?

    ReplyDelete
    Replies
    1. Hi, I think problem is with the placing of the character: ". In the manual of the command 'su', there is an example:

      To run the backup command with root user authority and then return to your original shell, enter:
      su root "-c /usr/sbin/backup -9 -u"

      In this example the " character is starting before the -c parameter. It looks strange, but using it this way works for me.

      Delete