- [root@lvm ~]# egrep "larry|curly|moe" /etc/sudoers
- larry ALL = ALL
- curly ALL = /sbin/, /usr/sbin/
- moe ALL = (ALL) ALL
- [root@lvm james]# su - larry
- [larry@lvm ~]$ sudo su -
- [root@lvm ~]# exit
- logout
- [larry@lvm ~]$ ps -u curly
- PID TTY TIME CMD
- [larry@lvm ~]$ ps -u curly
- PID TTY TIME CMD
- 6005 pts/3 00:00:00 bash
- 6039 pts/3 00:00:00 test
- 6040 pts/3 00:00:00 sleep
- [larry@lvm ~]$ sudo -u curly /bin/kill 6039
- Sorry, user larry is not allowed to execute '/bin/kill 6039' as curly on lvm.example.com.
- [larry@lvm ~]$ exit
- logout
- [root@lvm james]# su - moe
- [moe@lvm ~]$ sudo -u curly /bin/kill 6039
- We trust you have received the usual lecture from the local System
- Administrator. It usually boils down to these three things:
- #1) Respect the privacy of others.
- #2) Think before you type.
- #3) With great power comes great responsibility.
- [sudo] password for moe:
- [moe@lvm ~]$ exit
- logout
- [root@lvm james]# su - curly
- [curly@lvm ~]$ sudo -u moe /usr/sbin/useradd
- We trust you have received the usual lecture from the local System
- Administrator. It usually boils down to these three things:
- #1) Respect the privacy of others.
- #2) Think before you type.
- #3) With great power comes great responsibility.
- [sudo] password for curly:
- Sorry, user curly is not allowed to execute '/usr/sbin/useradd' as moe on lvm.example.com.
- [curly@lvm ~]$
- [curly@lvm ~]$ sudo /usr/sbin/useradd
- [sudo] password for curly:
- Usage: useradd [options] LOGIN
- Options:
Don't like ads? PRO users don't see any ads ;-)
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
create a new version of this paste
RAW Paste Data