Run gateway script from remote server and get permission denied error
search cancel

Run gateway script from remote server and get permission denied error

book

Article ID: 372900

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

Try to run the following commands from another server in the Layer7 cluster:

ssh ssgconfig@<ssg_server> /opt/SecureSpan/Gateway/runtime/bin/gateway.sh stop

ssh ssgconfig@<ssg_server> /opt/SecureSpan/Gateway/runtime/bin/gateway.sh start

Have added the following entries to /etc/sudoers.d/ssgconfig:

ssgconfig ALL = (layer7) NOPASSWD: /opt/SecureSpan/Gateway/runtime/bin/gateway.sh stop
ssgconfig ALL = (layer7) NOPASSWD: /opt/SecureSpan/Gateway/runtime/bin/gateway.sh start

But got the permission denied error when try to run the commands.  

Environment

Linux server,  gateway ssg server 11.x.  

Cause

ssgconfig login profile will run the menu script first.  A different id is needed to run remote login,  also the script gateway.sh needs to run as user gateway (other scripts may not have such requirement). 

Resolution

Create a new user say: testuser on the remote server and added the following entry to /etc/sudoers.d/testuser

 

testuser ALL = (gateway) NOPASSWD: /opt/SecureSpan/Gateway/runtime/bin/gateway.sh stop

testuser ALL = (gateway) NOPASSWD: /opt/SecureSpan/Gateway/runtime/bin/gateway.sh start

Run command in the remote server: 

ssh testuser@<ssg_server> su -u gateway /opt/SecureSpan/Gateway/runtime/bin/gateway.sh start

Powered by Wolken Software