Hi,
I am using solaris 10. Requirement is I need to give sudo access to the normal id's to the application userid.
Example:I have an personal id calle "rzynv5" on the solaris server.I have an application id called "gmdidp".Requirement here is when user logged in as rzynv5 next thing he should be able sudo to the application id.
sudo su gmdidp.
Also, how to configure user activity tracking here on the sudo activities
Advance thanks for your replies.
sudoers:
rzynv5 ALL=(gmdidp)command
Invoke as
sudo -u gmdidp command
More help:
man sudo
man sudoers
sudo is not part of Solaris 10. The better way of doing things is to use the RBAC facility provided in Solaris 10.
Thanks for you response.I could see sudo and sudoers files exist on the server.I have put the below code in sudoers file but it did not work for me.
vi sudoers
rzynv5 ALL=gmdidp
wq!
Error:
sudo: parse error in /opt/sfw/etc/sudoers near line 38
sudo: no valid sudoers sources found, quitting
Actually nothing is present and it is empty line at 38.
I have tried below code as well and even it did not work.
User_Alias GMDIDP_USER = gmdidp
Cmnd_Alias GMDIDP_CMD = /usr/bin/su - rzynv5,
GMDIDP_USER ALL= (ALL) GMDIDP_CMD
asking for password:
sudo su - gmdidp
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
Password:
[/COLOR][/EMAIL][/FONT][/COLOR]
For the sudo -u form you are missing the command!
For example,
put to sudoers
rzynv5 ALL = (gmdidp) /bin/bash
and run
sudo -u gmdidp /bin/bash
When prompted for password you type the password for rzynv5.