Hello everyone
I have a question.
Its possible to type smitty mksysb using sudo ?
I have a partition and install sudo I create a user for use sudo.
I make a test with sudo and command line for the mksysb and its ok
sudo mksysb -i /dev/rmt0 and I can make my mksysb.
My question is if I can use smitty mksysb using sudo
Thanks for your comments
Yes, you could do so but it would be VERY UNWISE to do it: sudo starts a shell (as root) and executes your command in it, then the shell is closed again. Suppose you do a "sudo ls -l": sudo opens a shell as root in this shell "ls" is executed under root privileges, then "ls" terminates, then the root shell terminates.
Now suppose you start a command which doesn't end immediately but is an interactive program like "ksh" or "smit": instead of doing its work it will expect the user to enter commands, which will be executed as - root, of course! The same is true for SMITty: start SMITty via sudo as root, use the "open shell" facility and you are root in this shell.
This means: if you allow anybody to use an interactive program via sudo you could also allow him to su to root directly. In effect it is the same.
I hope this helps.
bakunin
Corollary: i once worked in a bank where the "security department" (trained monkeys with a jargon file learned by heart) had insisted on using sudo for virtually every task. Additionally several files were only read/write for root and these files had to be edited sometimes. For this they set up a sudo-command like "vi /path/to/some/file". I simply used this command, did a shell escape from the vi - and had a root shell for my convenience. They are still wondering how i could advise them about their configuration problems (they had a lot) without having any access to the machine while their own administrators being root were still analysing.
It's so easy when you're evil.... :rolleyes: