Yves Goergen wrote: > what i would like to do: > a php-based web-interface should be able to run some special system commands in the name of another user, i.e. 'apache' needs to 'makemaildir /some/path' as 'exim'. In the future if you would word wrap your postings to some column such as column 72 it would be most appreciated. Those long lines are hard to read. Thanks. > how i tried this: > installed the sudo package and edited the sudoers file with visudo: > Defaults !lecture > Defaults !authenticate > Host_Alias LOCAL = localhost, debian2 > apache LOCAL=(exim) /usr/courier/bin/maildirmake > what happened then: > "Sorry, user apache is not allowed to execute '/usr/local/bin/maildirmake /tmp/xx' as exim on debian2." Another poster mentioned the path difference which is probably your problem. But I am not sure !authenticate is the best plan. I would instead specify that certain commands don't need a password. Like this: apache LOCAL=(exim) NOPASSWD: /usr/local/bin/maildirmake > i've found some postings like "sudo is bad - no, sudo is good" today. i don't know whether it's good or bad, atm it's simply not suitable for my needs, though i'm convinced there must be a solution to this. anyway, i'm open for totally different approaches to get my maildir with another uid... only it must be fully automatable (no interactive questions or passwords!). sudo is good. :-) Bob
Attachment:
pgpajKt3iHxQY.pgp
Description: PGP signature