Originally posted by: choosak

Dear Gurus,
I use AIX 5.3 TL5 and I want to allow a non-root user to do a system backup with 'mksysb' command.
I try to add 'ManageBackup' Role to that non-root user but it have an error "ksh: mksysb: 0403-006 Execute permission denied."
What should I do?
Note I don't want to create another user with UID 0

Best regards,
Choosak Bunyasiriwat
Choosak_Bun@freewillsolutions.com

Originally posted by: orphy

Might want to consider the sudo command.

http://bullfreeware.com/
Orphy

Originally posted by: alethad

You might also want to take a look at Webmin if you have other tasks that you may want non-root users to do. I use it to allow non-root & non-unix users to check log files or run scripts they need for their apps & stuff so they don't have to log into my box at all. It's just point & click. It's free, login controlled and easy to install.
Good luck.

Originally posted by: apple08

Dear AIX Gurus,

I found this reference in IBM Wiki.
#visudo
ALL ALL=/dialup,/hangup
jim ALL=/dialup,/hangup
mike ALL=(root) ALL
ALL NOPASSWD: ALL=/dialup,/hangup mike ALL=(root) NOPASSWD: ALL
How to run: #sudo /dialup

Question:
I wanna set our user to run sync, reboot and restart? how can I change this sudo file? do i have to edit the sudoers file? I've installed the sudo, but when i tried to do this
$sudo sync
it just return me to the next dollar. does it execute the command? how can i know the status? really looking forward for your awaiting reply. Thanks in advance

Originally posted by: hdkutz

Maybe sync is a bad example, cause everyone could exec that!
These are the steps to execute /my_script as user bob with root-permissions on your machine:

• visudo

<snip>
Cmnd_Alias MYCMD = /my_script
bob ALL=NOPASSWD: MYCMD
<snip>

• test it with

$ sudo /my_script

Notice:

• NOPASSWD will execute without asking for User bob's pass.
• ALL will execute on all hosts (if you drag and drop on another host it will work)
• actually only bob can do this

RTFM sudo-manpage
man sudo
man sudoers
If you use the IBM-Sudo RPM Package expand your MANPATH to /opt/freeware/man, to read the Pages.
Cheers,
ku

Originally posted by: apple08

Dear Mr Ku,
The example is great. meaning, whenever bob want to execute sudo, it will not ask him to key in any password?

Originally posted by: apple08

Dear Mr Ku,
What do you think of our sudo file? system administrator will use sysadmin id to manage the server. before this we use root id.
we hope with the sudo implementation sudo, we (system administrator) can avoid using root id to manage and administer the server. would really appreciate you could advice us on this.

Originally posted by: hdkutz

Looks OK for me.
<snip>
Host_Alias AIX = Pekaka
<snip>
is configured - but never used?

Cheers,
ku