Sudo question
I am responsible for a few servers and somebody else is the
administrator of the IBM Tivoli backup-system. Let us name this user
'toets'. I have created the following sudo-configuration to give him
access to the servers and the authenticate him to execute
tivoli-related programs on the server:
========================
User_Alias RUGSTEUN= toets
alias specification Cmnd_Alias BACKUP =
/opt/tivoli/tsm/client/ba/bin/dsm, \
/opt/tivoli/tsm/client/ba/bin/dsmadmc, \
/opt/tivoli/tsm/client/ba/bin/dsmc, \
/opt/tivoli/tsm/client/ba/bin/dsmagent,\
/opt/tivoli/tsm/client/ba/bin/dsmcad,\
/opt/tivoli/tsm/client/ba/bin/dsmj,\
/opt/tivoli/tsm/client/ba/bin/dsmtca
# User privilege specification
RUGSTEUN ALL= (root) BACKUP
============================
How is it possible that I can enable this user not only to run
programs from this directory, but to kill the process he started when
necessary using SUDO - without enabling him to kill any process on the
machine.
Regards
Johann
--
Johann Spies Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch
"And I saw a great white throne, and him that sat on
it, from whose face the earth and the heaven fled
away; and there was found no place for them. And I saw
the dead, small and great, stand before God; and the
books were opened; and another book was opened, which
is the book of life; and the dead were judged out of
those things which were written in the books,
according to their works." Revelations 20:11,12
Reply to: