"der.hans" wrote:
>
> Am 25. Feb, 2004 schwätzte George Toft so:
>
> > User_Alias WEB = gtoft
> > Cmnd_Alias HTTP = /bin/su /usr/local/apache/bin/apachectl
> > WEB ALL = (root) NOPASSWD: HTTP
>
> That should be telling su to change to the '/usr/local/apache/bin/apachectl'
> user.
>
> As Tom suggested, drop the /bin/su off there. In the past I ran into probs
> with this because apachectl is a shell script and sudo didn't quite run it
> as root, so I had to add the real command apachectl calls to the Cmnd_Alias.
>
> ciao,
>
> der.hans
> --
> # https://www.LuftHans.com/ http://www.AZOTO.org/
> # Hope has two beautiful daughters: Anger and Courage. Anger at the way
> # things are, and Courage to struggle to create things as they should be.
> # -- St. Augustine
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Hi Tom/Hans,
I just wanted to get back to you - removing the /bin/su had no effect.
I was speaking with the support engineer for the module that is getting
loaded, and he thinks there is some environment variable not getting
passed somewhere.
I'm wondering if there might be a path issue - root can run it ok, but
the unpriv user cannot.
Still experimenting . . .
--
George Toft
CISSP, NCNI/NSNS, MSIS
Computer Security
AGD,llc
www.agdllc.com
623-203-1760
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)