June 2003
Intermediate to advanced
336 pages
8h 54m
English
You want one user to run commands as another, without sharing passwords.
Suppose you want user smith to be able to run a given command as user jones.
/etc/sudoers:
smith ALL = (jones) /usr/local/bin/mycommandUser smith runs:
smith$ sudo -u jones /usr/local/bin/mycommand
smith$ sudo -u jones mycommand If /usr/local/bin is in $PATHUser smith will be prompted for his own password, not
jones’s. The
ALL
keyword, which matches anything,
in this case specifies that the line is valid on any host.
sudo exists for this very reason!
To authorize root privileges for smith, replace “jones” with “root” in the above example.
sudo(8), sudoers(5).