geminyo:sudo su - ts3adm -c " need to go particular directory"
geminyo – user
s3adm also user
the highlighted command I need to put in sudoers file "geminyo:sudo su - ts3adm -c " need to go particular directory" .
please clarify
If the previous response didn't make sense and make you look at your "problem" differently, then I'm not sure that I can clarify.
It's not enough to just change to a different directory (in a new shell started by "sudo") – you have to actually DO something in that directory for it to have any value or lasting effect – you have to run some command in a directory which "ts3adm" has access to do , but "geminyo" presumably does not have access to.
geminyo:sudo su - ts3adm -c " need to go particular directory in order to DO something ; run_some_command_to_DO_SOMETHING "
There is no point in changing user ID just to change directory for an instant and exit; returning to the original user in the original directory.
You cannot get the user "geminyo" into the directory by running a "cd" command with the help of "sudo" ; that's just NOT how it all works (if that's what you are attempting to do).
The usual requirement is to change user so that the new user can go to some directory where there original user cannot go, and/or to do something in that directory which would not be possible as the original user, and then once that is done, the command completes and the shell started by sudo exits.
After that happens, the original user is back in control and located in the original directory.
For example- (trying to image what restrictions would lead you to the question which you asked, and a scenario which sudo CAN handle)
If the user "geminyo" does not have permissions to access anything in /apps/appname , but user "ts3adm" does have access there,
And you need to run an application program located in /apps/appname/bin and it always uses the input file "INPUTFILE" in the current directory
and that file exists only as /app/appname/data/INPUTFILE
Then you might do it this way:
sudo su – ts3adm " cd /app/appname/data ; /apps/appname/bin/app_program "
It would make the sudoers file simpler and cleaner (by removing the need for the "cd" in the command seen in the sudoers file) if app_program knew where to find INPUTFILE (besides the current directory) or if you could pass the path to INPUT_FILE as a parameter to app_program -
That is – either of these is "better" because there is no need for sudo to know about and match the "cd /app/appname/dat" part of the command :
sudo su – ts3adm "/apps/appname/bin/app_program /app/appname/data/INPUTFILE "
sudo su – ts3adm " cd /app/appname/data ; /apps/appname/bin/app_program "
If that doesn't clarify, then maybe there's too big of a gap between what you think you need to do and how it can actually be done.
As for what goes into the sudoers file –
It's not completely impossible that the command which you want to add into the sudoers file includes "sudo su – etc.,etc.etc." in the command, but it would be a bit unusual.
Normally, the command in the sudoers file is just the part which is passed as an argument to sudo .
In the case of something like
sudo su -c otheruser " cd /some/private/directory ; /run/some/privileged/command "
The sudoers file would have an entry for the user "otheruser" containing something like "cd /some/private/directory ; /run/some/privileged/command" (or an equivlalent Cmnd_Alias)
with no mention of "sudo -c otheruser" in the sudoers file.
Michael Shon