sesudo Utility Execute a Command as Another User on UNIX

Valid on UNIX
capamsc141
Valid on UNIX
The sesudo utility executes commands for one user with the permissions of another user. The sesudo utility borrows the permissions of another user (the
target
user) to perform one or more commands. This allows regular users to perform actions such as the mount command, which require superuser authority.
The rules governing user authority to perform commands in this way are defined as access rules in the SUDO class. A record in the SUDO class contains a command script, and can specify both users who are permitted to run the script with sesudo and users who are forbidden to.
Each time sesudo runs, it returns one of the following values.
  • -2
    Target user is not found, or command interrupted
  • -1
    Password error
  • 0
    Execution successful
  • 10
    Problem with usage of parameters
  • 11
    syscall is not loaded
  • 20
    Target user error
  • 22
    syscall is loaded but the daemon is not running
  • 30
    Authorization error
This command has the following format:
sesudo {-h|-list|record [params]}
  • -h
    Displays the help screen
  • -list
    Lists sesudo commands that you can execute. These are the SUDO records defined in the
    PAM Server Control
    database that you are authorized to execute.
  • record
    Specifies the name of the SUDO class record the security administrator gave to the command you want to execute using the sesudo utility
  • params
    (Optional) Specifies the parameters that you want to send to the command you are executing