I edited sudoers by hand however it should give you something to aim towards ...
[root@orable76 ~]# grep angus /etc/sudoers angus ALL=NOPASSWD: /usr/bin/su - appuser [root@orable76 ~]# su - angus Last login: Fri Jan 22 17:01:30 CET 2021 on pts/0 [angus@orable76 ~]$ sudo su - appuser Last login: Fri Jan 22 17:01:31 CET 2021 on pts/0 [appuser@orable76 ~]$ Regards Angus ________________________________ From: Russ Long via FreeIPA-users <[email protected]> Sent: 22 January 2021 16:33 To: [email protected] <[email protected]> Cc: Russ Long <[email protected]> Subject: [Freeipa-users] Allow "sudo su - USER" to only the specified user I'm trying to come up with a Sudo rule that will allow a user to "su" to only a single specified user. I need to give a DBA access to the oracle user account. This serverfault article details exactly what I want to do, however this is not for FreeIPA. I've tried creating a sudo command that's "/usr/bin/su - USER" and other variations to no avail. I've also tried creating a sudo rule that allows all commands to be run as "USER". _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.fedoraproject.org%2Fen-US%2Fproject%2Fcode-of-conduct%2F&data=04%7C01%7C%7Cc5865f04ac9742ca5c0e08d8beeb23c1%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637469264416962239%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=0Ct2BwekRyBxRQElO93Z%2B%2BjhjHLKOteW0rnj4SS3LnY%3D&reserved=0 List Guidelines: https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ffedoraproject.org%2Fwiki%2FMailing_list_guidelines&data=04%7C01%7C%7Cc5865f04ac9742ca5c0e08d8beeb23c1%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637469264416962239%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=qBXXBRnzVBEuvk0hyvxvZwWQyzTYud9f%2Fr19Y6yuOxY%3D&reserved=0 List Archives: https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.fedorahosted.org%2Farchives%2Flist%2Ffreeipa-users%40lists.fedorahosted.org&data=04%7C01%7C%7Cc5865f04ac9742ca5c0e08d8beeb23c1%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637469264416962239%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=zm%2F5%2Fat1R%2BfsgvRn7UrYAFk5aDlwwCLu8V5HMQBSAX0%3D&reserved=0
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
