How can I allow one user to su to another without allowing root access?
I'd like to allow certain users to su to another user account without having to know that account's password, but not allow access to any other user account (i.e. root).
For instance, I'd like to allow Tom the DBA to su to the oracle user, but not to the tomcat user or root.
I imagine this could be done with the /etc/sudoers file - is it possible? If so, how?
linux security sudo
edited Jun 2 '09 at 15:26
asked Jun 2 '09 at 15:13 by gharper
4 Answers
Yes, this is possible.
In /etc/sudoers the item immediately following the equals is the user that the command will be allowed to execute as.
tom ALL=(oracle) /bin/chown tom *
The user (tom) can type sudo -u oracle /bin/chown tom /home/oracle/oraclefile
answered Jun 2 '09 at 15:18, edited Jun 2 '09 at 15:24, by Brent
5
This would allow Tom to run commands as oracle, but not to actually become the oracle user
– gharper
Jun 2 '09 at 15:20
11
What about sudo -u oracle su -? That would give him a shell opened as the oracle user. Is that what you want?
– Brent
Jun 2 '09 at 15:23
+1 for that last comment, Brent. That would be my answer.
– Annika Backstrom
Jun 2 '09 at 15:26
3
Something like the following would work: sudo -u oracle -s or sudo -u oracle -i (-s for shell, -i for login - does a login shell). Unfortunately I don't know offhand what you would use in /etc/sudoers to limit the user, but given that you're allowing them shell access, you probably just want to do tom ALL=(oracle) ALL as someone else mentioned. If they can run a shell, you probably don't care about restricting the commands they can run.
– Mark
Jun 3 '09 at 1:59
1
Ideally, would you not want Tom to run commands as the oracle user, instead of becoming the oracle user? The distinction is slight, but it provides a great audit log without having to futz with using an audit shell.
– Scott Pack
Jun 16 '09 at 21:05
Add to your /etc/sudoers something like
tom ALL=(oracle) ALL
Then user tom should be able to use sudo to run things as user oracle with the -u option, without letting tom
I.e. getting a shell as user oracle (well, given that your sudo is new enough to have the -i option).
sudo -u oracle -i
answered Jun 2 '09 at 15:26 by Kjetil Joergensen
5
I had to use the syntax tom ALL=(oracle)NOPASSWD:ALL
to make sudo not ask for a password
– snowindy
Dec 4 '15 at 5:45
To ONLY provide the capabilities in the question, add the following to /etc/sudoers:
tom ALL=(oracle) /bin/bash
Then tom can:
sudo -u oracle bash -i
answered Dec 11 '14 at 22:44 by karimofthecrop
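Added example, not code from the question or from any of the three sudoers-based answers above: a small Python audit of a sudoers fragment that checks the thing the question actually cares about, whether a rule set lets tom reach root. It parses the rules the answers show for tom, plus two constructed rules for contrast (a hypothetical oracle ALL=(root) ... rule and an alice ALL=(ALL) ALL rule), classifies each rule as full control of the runas account (ALL or a shell) or a single command, and follows full-control footholds transitively, because a user who can run anything as oracle can also use oracle's own sudo rules. The grammar is a deliberate simplification of sudoers(5): one rule per line, no aliases, no Defaults, host ignored.

```python
"""Audit a sudoers fragment: which accounts can a user reach, directly and by chaining
through accounts it fully controls? Added example; simplified sudoers grammar."""
import re

# Constructed sample (not from the page): the answers' rules for tom, plus a hypothetical
# rule for the oracle account and an unrestricted rule for alice, for contrast.
SAMPLE_SUDOERS = """\
tom     ALL=(oracle) /bin/chown tom *
tom     ALL=(oracle)NOPASSWD:ALL
tom     ALL=(oracle) /bin/bash
oracle  ALL=(root) /usr/bin/systemctl restart oracle   # hypothetical, added for contrast
alice   ALL=(ALL) ALL
"""

# user  host = (runas_user[:runas_group]) [TAG: ...] command[, command...]
RULE_RE = re.compile(
    r"^(?P<user>\S+)\s+(?P<host>\S+)\s*=\s*(?:\((?P<runas>[^)]*)\))?\s*"
    r"(?P<tags>(?:[A-Z]+:\s*)*)(?P<cmds>.+)$"
)
# Commands that hand over the whole account rather than one action.
SHELLS = {"/bin/bash", "/bin/sh", "/bin/dash", "/bin/zsh", "/bin/su", "/usr/bin/su"}


def parse_sudoers(text):
    """Return a list of {user, runas, tags, cmds} dicts, one per rule line."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = RULE_RE.match(line)
        if not m:
            raise ValueError("unparsed sudoers line: %r" % raw)
        # No (...) runas spec means the sudo default, root.
        runas = (m.group("runas") or "").split(":")[0].strip() or "root"
        tags = {t.rstrip(":") for t in m.group("tags").split()}
        cmds = [c.strip() for c in m.group("cmds").split(",")]
        rules.append({"user": m.group("user"), "runas": runas, "tags": tags, "cmds": cmds})
    return rules


def grants_full_control(rule):
    """True if the rule lets the user run anything as the runas account (ALL or a shell)."""
    return any(c == "ALL" or c.split()[0] in SHELLS for c in rule["cmds"])


def direct_targets(rules, user):
    """runas account -> whether some rule gives `user` full control of it."""
    targets = {}
    for r in rules:
        if r["user"] == user:
            targets[r["runas"]] = targets.get(r["runas"], False) or grants_full_control(r)
    return targets


def reachable_accounts(rules, user):
    """Transitive closure: full control of X lets `user` also use X's own sudo rules.
    Returns account -> True (full control) / False (specific commands only)."""
    reach, frontier = {}, [user]
    while frontier:
        cur = frontier.pop()
        for acct, full in direct_targets(rules, cur).items():
            if acct == "ALL":
                acct = "root"          # (ALL) includes root, the account that matters here
            was_full = reach.get(acct, False)
            reach[acct] = was_full or full
            if full and not was_full:
                frontier.append(acct)  # newly controlled account: follow its rules too
    return reach


def can_reach_root(rules, user):
    return "root" in reachable_accounts(rules, user)


if __name__ == "__main__":
    rules = parse_sudoers(SAMPLE_SUDOERS)
    for who in ("tom", "alice"):
        print(who, "->", reachable_accounts(rules, who), "| root reachable:", can_reach_root(rules, who))
```

The output for tom shows oracle with full control and root with a single command behind it: tom ALL=(oracle) ALL is only as safe as the rules the oracle account itself holds, so audit the runas account's rules too, not just tom's. On a real host, confirm what a user actually gets with sudo -l -U tom and check every edit with visudo -c before relying on it.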
For instance, I'd like to allow Tom the DBA to su to the oracle user, but not to the tomcat user or root.
I needed to do this to a system recently and had a hard time finding my notes on the alternate setup I used years ago that also allowed the syntax su <user>. In my situation I needed to allow multiple users to su to a specific user.
Create a group using addgroup <groupName> that other users will be able to su to without a password. Then add that group to each user that you want to be able to su to that user without a password: usermod -a -G <groupName> <userName> (or usermod -a -G oracle tom). The group changes might not take effect until next login.
Note: In your case, you already have the group because the oracle group would have been created when you made the oracle user with adduser oracle.
Now edit /etc/pam.d/su and under the following:
# This allows root to su without passwords (normal operation)
auth sufficient pam_rootok.so
..add auth rule lines so the section looks like this:
# This allows root to su without passwords (normal operation)
auth sufficient pam_rootok.so
auth [success=ignore default=1] pam_succeed_if.so user = <groupName>
auth sufficient pam_succeed_if.so use_uid user ingroup <groupName>
Replace <groupName> with oracle in this case. This will allow any user that is part of the <groupName> to su <groupName>.
Now tom can su oracle and if you need to give other users the same access, add them to the oracle group.
similar question here
answered Jun 2 at 11:27 by jtlindsey
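Added example, not part of the answer above: a Python simulation of the auth lines this answer puts in /etc/pam.d/su, with a minimal interpreter for the PAM control flags involved (sufficient, required, and the [success=ignore default=1] form). The accounts and group memberships are constructed for the example, and pam_unix.so stands in for whatever password module follows the added lines on the real system. What it makes visible is that the user = oracle line with default=1 is the guard that limits the passwordless path to the oracle target; without it, the ingroup line on its own would authenticate tom to su to tomcat or root as well.

```python
"""Simulate the auth section of /etc/pam.d/su from the answer above, with a minimal
interpreter for the PAM control flags it uses. Added example, not the answer's code."""

# Constructed accounts for the example (not from the page); groups include the primary group.
ACCOUNTS = {
    "root":   {"uid": 0,    "groups": {"root"}},
    "tom":    {"uid": 1001, "groups": {"tom", "oracle"}},   # tom was added to group oracle
    "bob":    {"uid": 1002, "groups": {"bob"}},             # bob was not
    "oracle": {"uid": 1003, "groups": {"oracle"}},
    "tomcat": {"uid": 1004, "groups": {"tomcat"}},
}

# (control, module, arguments) for each "auth" line, in file order. pam_unix.so stands in
# for the distribution's password module that follows the added lines.
SU_AUTH_STACK = [
    ("sufficient",                 "pam_rootok.so",     ""),
    ("[success=ignore default=1]", "pam_succeed_if.so", "user = oracle"),
    ("sufficient",                 "pam_succeed_if.so", "use_uid user ingroup oracle"),
    ("required",                   "pam_unix.so",       ""),
]
# The same stack with the guard line removed, to show what that line protects against.
STACK_WITHOUT_GUARD = [SU_AUTH_STACK[0]] + SU_AUTH_STACK[2:]


def run_module(module, args, caller, target):
    """Return True for PAM_SUCCESS, False otherwise, for the two modules modelled here."""
    if module == "pam_rootok.so":
        return ACCOUNTS[caller]["uid"] == 0
    if module == "pam_succeed_if.so":
        # use_uid: evaluate the condition against the invoking user, not the target (PAM_USER)
        subject = caller if "use_uid" in args else target
        field, op, value = args.replace("use_uid", "").split()
        if field != "user":
            raise ValueError("only 'user' conditions are modelled: %r" % args)
        if op == "=":
            return subject == value
        if op == "ingroup":
            return value in ACCOUNTS[subject]["groups"]
        raise ValueError("unsupported operator %r" % op)
    raise ValueError("unmodelled module %r" % module)


def su_auth(caller, target, stack=SU_AUTH_STACK):
    """Walk the stack with PAM's control semantics. Returns 'nopass' when a sufficient
    module authenticates without a password, 'password' when control falls through to
    pam_unix.so (the target account's password is asked for), or 'deny'."""
    i, required_failed = 0, False
    while i < len(stack):
        control, module, args = stack[i]
        if module == "pam_unix.so":
            return "deny" if required_failed else "password"
        ok = run_module(module, args, caller, target)
        if control == "sufficient":
            if ok and not required_failed:
                return "nopass"          # short-circuit: authenticated
            i += 1                       # a failing sufficient module is simply skipped
        elif control == "required":
            required_failed = required_failed or not ok
            i += 1
        elif control.startswith("["):
            actions = dict(kv.split("=") for kv in control.strip("[]").split())
            action = actions["success" if ok else "default"]
            # "ignore": result not counted, move on; a number N: skip the next N modules
            i += 1 + (int(action) if action.isdigit() else 0)
        else:
            raise ValueError("unsupported control %r" % control)
    # stack exhausted without a decision: treat like falling through to the password module
    return "deny" if required_failed else "password"


if __name__ == "__main__":
    for caller, target in [("tom", "oracle"), ("bob", "oracle"), ("tom", "tomcat"), ("tom", "root")]:
        print("su %-6s as %-4s -> %-8s (without guard line: %s)" % (
            target, caller, su_auth(caller, target), su_auth(caller, target, STACK_WITHOUT_GUARD)))
```

Order matters in a PAM stack: the guard line must sit directly above the ingroup line, since default=1 jumps over exactly one module. On a real host, verify the result from tom's shell with both su - oracle (no prompt expected) and su - root (prompt expected) before trusting the change, and note that, unlike the sudo approaches, su leaves only a session record rather than a per-command log.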
protected by Sven♦ Dec 11 '14 at 22:49