Previous Topic: sesudo UtilityNext Topic: sesudo Utility—Execute a Command as Another User on Windows


sesudo Utility—Execute a Command as Another User on UNIX

Valid on UNIX

The sesudo utility executes commands for one user with the permissions of another user. The sesudo utility borrows the permissions of another user (the target user) to perform one or more commands. This allows regular users to perform, for example, actions-such as the mount command-that require superuser authority.

The rules governing user authority to perform commands in this way are defined as access rules in the SUDO class. A record in the SUDO class contains a command script, and can specify both users who are permitted to run the script with sesudo and users who are forbidden to.

Each time sesudo runs, it returns one of the following values.

-2

Target user not found, or command interrupted

-1

Password error

0

Execution successful

10

Problem with usage of parameters

11

syscall is not loaded

20

Target user error

22

syscall is loaded but the daemon is not running

30

Authorization error

This command has the following format:

sesudo {-h|-list|record [params]}
‑h

Displays the help screen.

‑list

Lists sesudo commands you can execute. These are the SUDO records defined in the CA ControlMinder database that you are authorized to execute.

record

Specifies the name of the SUDO class record the security administrator gave to the command you want to execute using the sesudo utility.

params

(Optional) Specifies the parameters you want to send to the command you are executing.