On (most) Linux systems, we can let a specific user
su into anyone they want by placing him in the wheel group and making some settings in
I want to do something more limited: I want to let a certain user user1 be able to "become" (as in
su) another specific user user2 – but only this pair. i.e. the user1 should not be able to become anybody they want, nor can other users be allowed to become user2.
Can this be done, and if so – what is the least-ugly way to do so?
Note: Assume I have root. If this can somehow be done by user2 and user1 without root privileges, that would be great, but I doubt it.
sudo can already do this. A trivial example lets user1 sudo to user2 and run any command:
user1 ALL=(user2) ALL
Run a command as user2:
sudo -u user2 ls
Get an interactive shell:
sudo -i -u user2
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.