Originally posted by: lewisj35

I am running sudo version Sudo version 1.6.9p15 on AIX 5.3 and created an alias in my .profile to allow me to keep the LIBPATH (alias sudo='sudo LIBPATH=".:/usr/lib:/uc1/products/oracle/10.2/lib32"'). All is well until the user I am sudo'ing to requires a connection to the oracle DB. I get the following error: 236506: Database error CAN'T OPEN MESSAGE FILE. (-1). When I login to the user that I am sudo'ing to the command runs just fine (no DB connection error). I suspect the problem is with the PATH being stripped. How do I prevent sudo from stripping the variables I need. I have set the Default !env_reset and Defaults env_keep += "PATH" in my sudoers, but it still produces database connection error. Any help would be most appreciated.

Originally posted by: SystemAdmin

Hi,

Are you doing "sudo su user" or "sudo su - user", as the second form will lose all current environment variables. The keep_env works for most environmental variables; but I thought that some were deliberately stripped for security reasons. In which case you may need to run a dot file to re-add the variables to the environment.

Originally posted by: lewisj35

Thanks for the response. I am doing "sudo -u user". Everything was working fine with the LIBPATH alias that I set in the .profile until one of the commands that I sent to the sudo user requires the user to connect to the oracle database. When logged in as that user the connection to the db takes place and everything works fine. It's only when I sudo -u that it fails. I have tried sudo su user and sudo su - user and both those fail as well. Sudo is removing critical values that causes my command to fail.