I am responsible for a few servers and somebody else is the administrator of the IBM Tivoli backup-system. Let us name this user 'toets'. I have created the following sudo-configuration to give him access to the servers and the authenticate him to execute tivoli-related programs on the server: ======================== User_Alias RUGSTEUN= toets
alias specification Cmnd_Alias BACKUP = /opt/tivoli/tsm/client/ba/bin/dsm, \ /opt/tivoli/tsm/client/ba/bin/dsmadmc, \ /opt/tivoli/tsm/client/ba/bin/dsmc, \ /opt/tivoli/tsm/client/ba/bin/dsmagent,\ /opt/tivoli/tsm/client/ba/bin/dsmcad,\ /opt/tivoli/tsm/client/ba/bin/dsmj,\ /opt/tivoli/tsm/client/ba/bin/dsmtca # User privilege specification RUGSTEUN ALL= (root) BACKUP ============================ How is it possible that I can enable this user not only to run programs from this directory, but to kill the process he started when necessary using SUDO - without enabling him to kill any process on the machine. Regards Johann -- Johann Spies Telefoon: 021-808 4036 Informasietegnologie, Universiteit van Stellenbosch "And I saw a great white throne, and him that sat on it, from whose face the earth and the heaven fled away; and there was found no place for them. And I saw the dead, small and great, stand before God; and the books were opened; and another book was opened, which is the book of life; and the dead were judged out of those things which were written in the books, according to their works." Revelations 20:11,12 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]