Minimum sudo rights for running the DA proxy server

book

Article ID: 207864

calendar_today

Updated On:

Products

DX NetOps

Issue/Introduction

Due to internal security requirements, we need to keep the minimum workable rights in the sudoers file post install.

Cause

The docset only includes the sudo rights needed for a full install as well as long term management.

Environment

Release : 20.2

Component : PERFORMANCE MANAGEMENT INSTALLATIONS/UPGRADES

Resolution

Here is the minimum required entry for management after the install is finished:

    Cmnd_Alias CA_DAPROXY =/sbin/service daproxy *,/sbin/service consul *

     ## Allows the daproxy user to manage the proxy server

      dasudouser_name      ALL = CA_DAPROXY