Find the answer to your Linux question:
Results 1 to 3 of 3
(disclaimer - I am a new Linux admin, got dropped into the deep end of a RHEL deployment so I'm learning as I go here!) I'm trying to get 'sudo' ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Feb 2013
    Posts
    9

    Question issues getting sudo to behave


    (disclaimer - I am a new Linux admin, got dropped into the deep end of a RHEL deployment so I'm learning as I go here!)

    I'm trying to get 'sudo' to work for my database admins, and I think I have the syntax right but they're not getting the access that they think they need.

    They are all in the 'dba' group on the database server, and it is their primary group.

    In my /etc/sudoers file I have the line:
    %dba ALL=(oracle) NOPASSWD: ALL

    which, in theory (I think) should give members of the 'dba' group the ability to run all commands that the oracle user can run, without having to enter a password using the sudo command.

    Now, when they run the command:
    sudo su - oracle
    they get the error
    Sorry, user <users>is not allowed to execute '/bin/su - oracle' as root on <server>.

    This is throwing me off, because sudo should allow them to "su" to oracle to keep from having to sudo every single command they want to run. I'm so confused!

    Thanks for any advice or explanations you can provide.

  2. #2
    Linux Enthusiast meton_magis's Avatar
    Join Date
    Oct 2006
    Location
    arizona
    Posts
    699
    The command
    Code:
     sudo su - orace
    attempts to run `su - oracle` as root.
    You're looking for
    Code:
     sudo -u oracle -i
    the -i is "open an interactive session" and -u is "as user oracle".
    New to the internet, technical forums, or the hacker / open source community??
    Read this to learn good posting habits http://www.catb.org/~esr/faqs/smart-questions.html

    RHCE for RHEL version 5
    RHCT for RHEL version 4

  3. #3
    Just Joined!
    Join Date
    Feb 2013
    Posts
    9
    "sudo su - oracle" attempts to run 'su - oracle' as root -- so are you saying that the default sudo user is root, even if I don't specify it in my sudo command? I thought that's what "su" is for.

    OK, I just ran "sudo date" and I was prompted for 'oracle' password. I ran "sudo su" and was denied.... this makes sense now, since running "su" requires root privilege. Thank you!

  4. $spacer_open
    $spacer_close

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •