05-17-2017 03:02 AM
Do you have any more information on how to setup SUDO? I understand that it is a requirement where we want to communicate via SSH to a Unix Master Server, however there is not much information on how to set this up in the NSS documentation.
Solved! Go to Solution.
05-17-2017 03:05 AM
As Unix comes in so many flavours and each implementation can have its own local rules we recommend that if you are unfamiliar with Unix/Sudo you consult with your local Unix administrator.
One way of setting up sudo (mostly about the folders and the 2 Defaults settings) which may assist you is listed below.
Login as su and edit sudoers file
visudo
Ensure the following line is commented
# Defaults requiretty
Ensure the following line is not commented
Defaults !visiblepw
Near the bottom of the file (after the 2 commented %wheel lines) add the following
## Grant NetBackup Self Service the ability to run NetBackup commands
%selfservice ALL=NOPASSWD: /usr/openv/netbackup/bin/*,/usr/openv/netbackup/bin/admincmd/*
Save the changes
Create a Group on the system called selfservice
groupadd selfservice
Create a user for NetBackup Self Service to use
Add the user to the selfservice group
ensure password does not expire
useradd netbackupselfservice -G selfservice
passwd netbackupselfservice
chage -m 0 netbackupselfservice
05-17-2017 03:05 AM
As Unix comes in so many flavours and each implementation can have its own local rules we recommend that if you are unfamiliar with Unix/Sudo you consult with your local Unix administrator.
One way of setting up sudo (mostly about the folders and the 2 Defaults settings) which may assist you is listed below.
Login as su and edit sudoers file
visudo
Ensure the following line is commented
# Defaults requiretty
Ensure the following line is not commented
Defaults !visiblepw
Near the bottom of the file (after the 2 commented %wheel lines) add the following
## Grant NetBackup Self Service the ability to run NetBackup commands
%selfservice ALL=NOPASSWD: /usr/openv/netbackup/bin/*,/usr/openv/netbackup/bin/admincmd/*
Save the changes
Create a Group on the system called selfservice
groupadd selfservice
Create a user for NetBackup Self Service to use
Add the user to the selfservice group
ensure password does not expire
useradd netbackupselfservice -G selfservice
passwd netbackupselfservice
chage -m 0 netbackupselfservice