I'd like to allow certain users to su to another user account without having to know that account's password, but not allow access to any other user account (i.e. root).
For instance, I'd like to allow Tom the DBA to su to the oracle user, but not to the tomcat user or root.
I imagine this could be done with the /etc/sudoers file – is it possible? If so, how?
Best Answer
Yes, this is possible.
In /etc/sudoers the item immediately following the equals is the user that the command will be allowed to execute as.
The user (tom) can type sudo -u oracle /bin/chown tom /home/oracle/oraclefile