[CentOS] sudo

Fri Oct 10 15:44:45 UTC 2008
Stephen Harris <lists at spuddy.org>

On Fri, Oct 10, 2008 at 12:49:49PM -0400, centos at unixplanet.biz wrote:
> Hi
> 
> Biz_User needs to switch to Sales_User, and  I tried following in sudoers:
> Biz_User ALL=(Sales_User) ALL
> 
> but I get following error when I run sudo su - Sales_User
> 
> "Sorry, user Biz_User is not allowed to execute '/usr/bin/su - Sales_User'
> as root on Server_Name"

What you gave him the ability to do was run
  sudo -u Sales_User anycommand
(which may be sufficient)

What you've described as wanting is
  Biz_User ALL=(root) /usr/bin/su - Sales_User

Something totally different :-)

The clue is the "as root" part of the error; "sudo su - Sales_User" means
'run the su - Sales_User command as root'

-- 

rgds
Stephen