Better still would be
user1 (ALL)=user2 /bin/bash
Leave off su entirely and
sudo -H user2 -i
as user1
On 19 Aug 2010 15:57, "mcclnx mcc" <mcclnx@xxxxxxxxxxxx> wrote:
> This work correctly. Thanks.
>
> --- 10/8/19 (四),John Kennedy <skebi69@xxxxxxxxx> 寫道:
>
> 寄件者: John Kennedy <skebi69@xxxxxxxxx>
> 主旨: Re: how to setup account which can 'su" to another account (NON-root)?
> 收件者: "CentOS mailing list" <centos@xxxxxxxxxx>
> 日期: 2010年8月19日,四,上午10:00
>
>
>
> On Thu, Aug 19, 2010 at 9:56 AM, mcclnx mcc <mcclnx@xxxxxxxxxxxx> wrote:
>
> Thank you for answer. The problem I have is "user1" need "su" privilege. If I grant "su" privilege, it can "su" to anyone. What I want is user1 can ONLY "su" to user2.
>
>
>
>
> my /etc/sudoers setup:
>
>
>
> # User privilege specification
>
> root ALL=(ALL) ALL
>
> user1 ALL=(root) /bin/su
>
>
>
>
>
> any ideal to fix it?
>
>
>
>
>
>
> Use complete command like this:user1 ALL=(root) /bin/su - user2This will limit user1 to that specific command. You can add -NOPASSWD and user1 will not have to enter their password.
> John--
> John Kennedy
>
>
>
> -----內含下列夾帶檔案-----
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
>
>
>
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
