Granting the admin user access to su, passwd, and pam_tally2 in vRealize Operations Manager 6.x
search cancel

Granting the admin user access to su, passwd, and pam_tally2 in vRealize Operations Manager 6.x

book

Article ID: 343664

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

Symptoms:
  • Admin user is unable to access su, passwd, and pam_tally2 in vRealize Operations Manager 6.x.
  • When the root account is locked, you are unable the su, passwd, and pam_tally2 commands.


Environment

VMware vRealize Operations Manager 6.0.x
VMware vRealize Operations Manager 6.1.x
VMware vRealize Operations Manager 6.2.x

Resolution

To resolve this issue, grant access to the admin user in the /etc/sudoers file to su to root without a password.

To grant access in /etc/sudoers file:
  1. From the vRealize Operations Manager admin UI, take the vRealize Operations Manager node offline.
  2. In the vSphere Client, open the console of the node.
  3. Restart or power on the virtual machine.
  4. When the GRUB loader menu appears, immediately use the up and down arrow keys to navigate to this option:

    SUSE Linux Enterprise Server {version} for VMware

    Notes:
    • Press the up and down arrow keys even if the option appears to be selected. If you do not press these keys, the machine continues to boot and the process should be started again.
    • The cursor appears at the end of a line of boot options near the bottom of the display.

  5. Type init=/bin/sh, and press enter.

    Note: The virtual appliance starts in single-user mode.

  6. Open /etc/sudoers using a text editor.
  7. Add this lineto the Cmnd_Alias ADMIN_CMDS = line:

    , /bin/su, /usr/bin/passwd, /sbin/pam_tally2

    Note: This allows the admin user to su to root with no password, change root's password or run pam_tally2.

  8. Save and close the file.
  9. Reboot the node.

Note: Take the node online from the vRealize Operations Manager admin UI when you unlock or reset the root password.



Additional Information

在 vRealize Operations Manager 6.x 中授予管理员用户对 su、passwd 和 pam_tally2 的访问权限