Greetings all,
I am trying to make use of sudo for some batch processing (batch program
executes as one user and needs to sudo a database load script as a different
user). The users I am referencing in /etc/sudoers are NIS users.
I have the following relevant entries in my /etc/sudoers file:
User_Alias BATCH=MRBATCH
Host_Alias CAPRICORN=capricorn
Cmnd_Alias SDE_SCRIPTS=/path/to/script1.sh, path/to/script2.sh, ...
Runas_Alias SDE=sde
BATCH CAPRICORN=(SDE) SDE_SCRIPTS
Which I think should let the user in the BATCH alias run the commands in the
SDE_SCRIPTS alias as the user in the SDE alias on the host in the CAPRICORN
alias.
When I /etc/sudoers after editing with /usr/local/bin/visudo I get the
following:
Warning: Undeclared User_Alias 'MRBATCH' referenced near line 14
where line 14 is the User_Alias line.
I have another NIS user (my own logon) in sudoers with permissions to run
all commands as root ( ADRIAN CAPRICORN=(ROOT) ALL ) and this works without
a problem.
I saw in the list archive that someone had issues with sudo being broken
because of groups being in NIS as well as /etc/group so removed the
duplicate (MRBATCH was in users group which existed in NIS and /etc/group)
group from /etc/group. The MRBATCH user only exists in NIS, not in
/etc/passwd. The user has a unique UID and as I said, I can 'su' to the
MRBATCH user without a problem.
Any help appreciated. I will summarise responses.
TIA,
Adrian Blount
Security & Internet Engineer
Solution 6 AlphaWest
E-Mail: adrian.blount_at_alphawest.com.au
Phone: +61 8 9429 6100
The Valuer General's Office of WA
Phone: 61 8 9429 8400
Web:
http://www.vgo.wa.gov.au
Location: Level 2, 18 Mount St, Perth, Western Australia
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the helpdesk (helpdesk_at_vgo.wa.gov.au).
This email message has been swept for the presence of computer viruses.
Received on Fri Jan 12 2001 - 03:41:16 NZDT