<html><body><div style="color:#000; background-color:#fff; font-family:lucida console, sans-serif;font-size:10pt"><div class="" style=""><span class="" style="">David, </span></div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; background-color: transparent; font-style: normal;"><span class="" style=""><br class="" style=""></span></div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; background-color: transparent; font-style: normal;"><span class="" style="">I don't think you need both sudo & su ... they are different commands</span></div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; background-color: transparent; font-style: normal;"><span class="" style=""><br class="" style=""></span></div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console',
sans-serif; background-color: transparent; font-style: normal;">I've used the below statements to create a vfabric tomcat instance using the tcserver account. I took these statements from an installation script I ran as root. Did this on CentOS 6.3</div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; background-color: transparent; font-style: normal;"><br class="" style=""></div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; background-color: transparent; font-style: normal;">create the tcserver account</div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; background-color: transparent; font-style: normal;"><br class="" style=""></div><div class="" style="background-color: transparent;"><span style="font-family: 'Courier New', courier, monaco, monospace, sans-serif;"># useradd -m -d
/home/tcserver -s /bin/bash -c "vfabric tc server admin account" tcserver</span></div><div class="" style=""><br class="" style=""></div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; background-color: transparent; font-style: normal;">create vfabric tc server instance</div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; background-color: transparent; font-style: normal;"><br></div><div class="" style="background-color: transparent;"><span style="font-family: 'Courier New', courier, monaco, monospace, sans-serif;" class=""># sudo -i -u tcserver /opt/vmware/vfabric-tc-server-standard-2.9.1.RELEASE/tcruntime-instance.sh create --template bio --template bio-ssl --instance-directory /srv/vfabric-tc-server <instance name></span></div><div class="" style=""><br class="" style=""></div><div class="" style="background-color: transparent;"><span
class="" style="">start the instance</span></div><div class="" style="background-color: transparent; color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; font-style: normal;"><span class="" style=""><br class="" style=""></span></div><div class="" style="background-color: transparent; color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; font-style: normal;"><span class="" style=""></span></div><div class="" style="background-color: transparent;"><span style="font-family: 'Courier New', courier, monaco, monospace, sans-serif;" class=""># sudo -i -u tcserver /opt/vmware/vfabric-tc-server-standard-2.9.1.RELEASE/tcruntime-ctl.sh -n /srv/vfabric-tc-server ubidsynch-dev start</span></div><div class="" style=""><br class="" style=""></div><div class="" style="background-color: transparent; color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; font-style: normal;"><br class=""
style=""></div><div class="" style="background-color: transparent; color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; font-style: normal;"><span class="" style="">If you don't want to run the commands as root, but instead use an account called "boxadmin", I think "boxadmin" would need to be put in sudoers with the permissions to run commands as the "tcserver" account, plus you might want to limit the commands to the vfabric-tc-server install directory for example. </span></div><div class="" style="background-color: transparent; color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; font-style: normal;"><span class="" style=""><br></span></div><div class="" style="background-color: transparent; color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; font-style: normal;"><span class="" style="">HTH</span></div><div class="" style="background-color: transparent; color:
rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; font-style: normal;"><span class="" style=""><br></span></div><div class="" style="background-color: transparent; color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; font-style: normal;"><span class="" style=""><br></span></div><div class="" style="background-color: transparent; color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; font-style: normal;"><span class="" style=""><br></span></div><div class="" style="background-color: transparent; color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; font-style: normal;"><span class="" style=""><br></span></div><div class="" style="background-color: transparent; color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; font-style: normal;"><span class="" style=""><br></span></div><div class="" style="background-color: transparent;
color: rgb(0, 0, 0); font-size: 14px; font-family: 'lucida console', sans-serif; font-style: normal;"><span class="" style=""><br class="" style=""></span></div><div class="" style=""> <div style="font-family: lucida console, sans-serif; font-size: 10pt;" class=""> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 12pt;" class=""> <div dir="ltr" class="" style=""> <font size="2" face="Arial" class="" style=""> On Monday, April 21, 2014 1:57 PM, David L. Willson <DLWillson@TheGeek.NU> wrote:<br class="" style=""> </font> </div> <div class="" style=""><div id="yiv9996152788" class="" style=""><style type="text/css" class="" style="">#yiv9996152788 p {margin:0;}</style><div class="" style=""><div style="font-family:Times New Roman;font-size:12pt;color:#000000;" class="">How do you let one non-privileged user impersonate (become) another non-privileged user?<span class="" style=""><br
class="" style=""><br class="" style="">When *I* need to impersonate a user, I run: sudo su - some_user, but I don't want the regular users doing that. Or, do I?<br class="" style=""><br class="" style=""><span class="" style=""></span>--<br class="" style="">David L. Willson<br class="" style="">Teacher, Engineer, Evangelist<br class="" style="">RHCE+Satellite CCAH Network+ A+ Linux+ LPIC-1 UbuntuCP NovellCLA<br class="" style="">Mobile 720-333-LANS(5267)<br class="" style="">http://sofree.us<br class="" style=""><br class="" style="">This is a good time for a r3VOLution.<span class="" style=""></span><br class="" style=""></span><br class="" style=""></div></div></div><br class="" style="">_______________________________________________<br class="" style="">clue mailing list: <a ymailto="mailto:clue@cluedenver.org" href="mailto:clue@cluedenver.org" class="" style="">clue@cluedenver.org</a><br class="" style="">For information, account preferences, or
to unsubscribe see:<br class="" style=""><a href="http://cluedenver.org/mailman/listinfo/clue" target="_blank" class="" style="">http://cluedenver.org/mailman/listinfo/clue</a><br class="" style=""><br class="" style=""></div> </div> </div> </div> </div></body></html>