Starting from Nolio ASAP V3.3, each action can run with specific user credentials (Please refer to the installation and administration guide for more information) by providing the relevant user credentials.
In some cases, the user we want to run as is powerful user (e.g. root user) where it is password restricted and not available. In those cases we can take the advantage of sudo where system administrator give to the Nolio user the ability to run some (or all) commands as root while logging all commands and arguments.
The following outlines the additional steps required to support sudo method (in addition to the minimum requirements to run an action as another user), and should be configured on every Nolio agent you want to use this method on,
- Make sure the sudo user account is configured in /etc/sudoers
- The user should not require tty settings in /etc/sudoers (e.g "Defaults !requiretty" will be enabled, and "Defaults requiretty" will be commented out)
# Disable "ssh hostname sudo <cmd>", because it will show the password in clear.
# You have to run "ssh -t hostname sudo <cmd>".
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
wlsadmin ALL=(ALL) ALL
Where 'wlsadmin' = sudo user account
Nolio Agent settings
- Copy the 'SudoActionsRunner.sh' to the Nolio Agent install directory and grant it 775 permissions using:
chmod 775 SudoActionsRunner.sh
- .Modify <Nolio Agent install directory>/conf/processes.properties and update the cmd.to.execute argument as below:
- Restart the Nolio Agent:
<Nolio Agent install directory> ./deployer_daemon.sh restart
- The username will be the user you would like to use to execute the command
- The password will be the password of the user account.
Ex: In the following example, the action is configured to run with the user account 'wlsadmin'
<Please see attached file for image>