Timeline for sudo - impersonating a user
Current License: CC BY-SA 3.0
11 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Aug 1, 2014 at 21:29 | history | edited | Gilles 'SO- stop being evil' |
edited tags
|
|
| Aug 1, 2014 at 16:51 | vote | accept | krzyszto | ||
| Aug 1, 2014 at 14:42 | comment | added | krzyszto | Analysing the /var/log/sudolog log file was very helpful to debug above issue (on AIX). | |
| Aug 1, 2014 at 14:26 | answer | added | beans | timeline score: 4 | |
| S Aug 1, 2014 at 14:11 | history | suggested | beans | CC BY-SA 3.0 |
Added a description of when this works without -i
|
| Aug 1, 2014 at 14:02 | comment | added | krzyszto |
Thanks @EightBitTone. So I found solution for this sudoers configuration issue: when -i switch is in use then real command is beans ALL = (root,apache) NOPASSWD: /usr/bin/ksh -c /opt/renovations/var/script-*.sh and beans ALL = (root,apache) NOPASSWD: /usr/bin/bash -c /opt/renovations/var/script-*.sh But now I get the new error, for example: ksh: /opt/renovations/var/script-test.sh: cannot execute
|
|
| Aug 1, 2014 at 13:54 | review | Suggested edits | |||
| S Aug 1, 2014 at 14:11 | |||||
| Aug 1, 2014 at 12:18 | comment | added | EightBitTony | Also, does it work if you list the script name explicitly in sudo rather than the wildcard (and is the filename a symbolic link?). | |
| Aug 1, 2014 at 12:13 | comment | added | EightBitTony |
What does visudo -c return (checks sudoers for errors). Also, can you confirm the full version of AIX (oslevel -s) and the version of sudo installed?
|
|
| Aug 1, 2014 at 11:56 | review | First posts | |||
| Aug 1, 2014 at 11:58 | |||||
| Aug 1, 2014 at 11:56 | history | asked | krzyszto | CC BY-SA 3.0 |