Wednesday, 3 July 2013

How to Run commands as another user via sudo

Problem: You want one user to run commands as another, without sharing passwords

Solution: Suppose you want user smith to be able to run a given command as user jones.

/etc/sudoers
smith ALL = (jones) /usr/local/bin/mycommand

user smith
smith$ sudo -u jones /usr/local/bin/mycommand
smith$ sudo -u jones mycommand --- if /usr/local/bin/ is in $PATH

user smith will be prompted for his own password, not jones's. The ALL keyword, which matches anything, in this case specifies that the line is valid on any host.



No comments:

Post a Comment