sudo needs to source target user's .shrc

I'm configuring a sudo Runas_Alias in the sudoers file on an HP-UX 11.31 system. The goal is to allow some HP-UX accounts to sudo to a service account and run commands as that user. Here are the related sudoers entries:

User_Alias DMSTAFF = %dmstaff
Runas_Alias DMALIAS = dmadmin
DMSTAFF ALL = (DMALIAS) NOPASSWD: ALL

For example, testuser1 belongs to the dmstaff HP-UX group, so he is allowed to run commands as dmadmin like this:

sudo -u dmadmin [some command]
or
sudo -Hu dmadmin [some command] (preserves target user's home dir)

It works very well and sudo commands are logged to our sudo.log.
However, sudo is not sourcing important env variables that dmadmin requires. These env variables are normally sourced from dmadmin's .shrc file in his home directory.

We can simply allow the users to sudo su - dmadmin by defining a simple Cmnd_Alias, but in that case subsequent commands will not be logged to the sudo.log - a dept. requirement.

Any ideas?

Set the environment vars before you run sudo, and give sudo -E to preserve environment. This may need slight changes in your sudo config to allow the setenv option.

I found this code defining env_file for a Runas_Alias in a similar thread. It seems to work pretty well:

Defaults>DMALIAS env_file=/homedir/.shrc
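
Added example, not part of the thread: sudo parses env_file as literal VARIABLE=value or export VARIABLE=value lines rather than sourcing it through a shell, so a .shrc that relies on expansions or commands is only partly honoured. The script below separates the lines env_file can take as written from the ones that need a shell; the function name, file paths and sample profile are constructed for illustration.

```shell
#!/bin/sh
# Added example: names, paths and the sample profile below are constructed.
# sudo reads env_file as literal VARIABLE=value or export VARIABLE=value lines
# (value optionally quoted). It does not run the file through a shell.

# classify MODE FILE
#   MODE=keep prints assignments env_file can take as written.
#   MODE=skip prints lines that only work when a shell sources the file.
classify() {
    awk -v mode="$1" '
        /^[ \t]*#/ { next }                        # comment lines
        /^[ \t]*$/ { next }                        # blank lines
        {
            assign   = ($0 ~ /^[ \t]*(export[ \t]+)?[A-Za-z_][A-Za-z0-9_]*=/)
            shellish = ($0 ~ /[$`;]/)              # expansion, substitution, chaining
            ok = assign && !shellish
            if ((mode == "keep" && ok) || (mode == "skip" && !ok)) {
                sub(/^[ \t]+/, "")
                print
            }
        }' "$2"
}

# Constructed stand-in for a service account's .shrc.
sample="${TMPDIR:-/tmp}/shrc.sample.$$"
cat > "$sample" <<'EOF'
# constructed sample profile
export APP_HOME=/opt/app
APP_DB="prod"
PATH=$PATH:$APP_HOME/bin
APP_LIC=`cat /etc/app.lic`; export APP_LIC
umask 022
EOF

echo "usable in env_file:";        classify keep "$sample"
echo "needs a shell to evaluate:"; classify skip "$sample"
rm -f "$sample"
```

sudo treats the env_file contents as part of the security policy and does not apply env_keep or env_check to them, so the "keep" output is best written to a root-owned file outside the service account's home directory and referenced from env_file there.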