Modify Sudoers File:
Add custom sudoers settings for LDAP groups and users
Main sudoers File: /etc/mcp/templates/sudoers - cannot be modifiable
For creating custom permission settings for LDAP groups, create new folder /tmp/sudoers
vi /tmp/sudoers
usr_Alias HMONITOR=%ldapgroupname
cmd_Alias ISI_MONITOR = /usr/bin/isi batterysatus*, \
/usr/bin/isi stat*, \
/usr/bin/isi status*, \
/usr/bin/isi_hw_status, \
/sbin/gmirror status*
HMONITOR ALL=(ALL) NOPASSWD: ISI_MONITOR
cp /tmp/sudoers /etc/mcp/override
Verify sudoers procedure: cat /etc/mcp/scripts/sudoers.py
/usr/local/etc/sudoers.d
For Releases after 7.1
Use direct command to edit sudoers file isi_visudo
Add custom sudoers settings for LDAP groups and users
Main sudoers File: /etc/mcp/templates/sudoers - cannot be modifiable
For creating custom permission settings for LDAP groups, create new folder /tmp/sudoers
vi /tmp/sudoers
usr_Alias HMONITOR=%ldapgroupname
cmd_Alias ISI_MONITOR = /usr/bin/isi batterysatus*, \
/usr/bin/isi stat*, \
/usr/bin/isi status*, \
/usr/bin/isi_hw_status, \
/sbin/gmirror status*
HMONITOR ALL=(ALL) NOPASSWD: ISI_MONITOR
cp /tmp/sudoers /etc/mcp/override
Verify sudoers procedure: cat /etc/mcp/scripts/sudoers.py
/usr/local/etc/sudoers.d
For Releases after 7.1
Use direct command to edit sudoers file isi_visudo
No comments:
Post a Comment