I am trying to use the sudo command and sudoers file correctly so that I can run a command as another user.
I have my sudoers file set up as follows:
beans ALL = (root,apache) NOPASSWD: /opt/renovations/var/script-*.sh
root, apache, and beans are part of the group beans.
Also /opt has 755 permissions, while the /opt/renovations directory and it's sub-directories are owned by the beans user and group.
The command I'm trying to run as beans is:
sudo -n -u apache -i /opt/renovations/var/script-test.sh
-n: is so that I'm not prompted for a password, as this will be run by a cron
-u: is so that I can impersonate the apache user
-i: is so that I simulate a login, and my .profile is loaded. I need this so that I access the environment variables in .profile.
The problem is that when I run the sudo command, I get the following message:
sudo: sorry, a password is required to run sudo
I've tried running this both on AIX and Ubuntu, but the problem is on both systems. This works if I run:
sudo -n -u apache /opt/renovations/var/script-test.sh
But without the -i, my environment does not contain all of the environment variables that I need to be there.
Is there something I need to update in my sudoers file so that this is possible?
visudo -creturn (checks sudoers for errors). Also, can you confirm the full version of AIX (oslevel -s) and the version of sudo installed?beans ALL = (root,apache) NOPASSWD: /usr/bin/ksh -c /opt/renovations/var/script-*.shandbeans ALL = (root,apache) NOPASSWD: /usr/bin/bash -c /opt/renovations/var/script-*.shBut now I get the new error, for example:ksh: /opt/renovations/var/script-test.sh: cannot execute