Operator or admin group user fails to log in vCenter Server Appliance (VCSA) using SSH with the following error:
[sudo] password for [USER ID]
Traceback (most recent call last):
File "/usr/lib/applmgmt/base/py/vmware/vherd/base/utils.py", line 153, in getUserPasswordExpiryStatus
userPasswordStruct = spwd.getspnam(username)
PermissionError: [Errno 13] Permission denied
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/applmgmt/base/bin/vherdrunner", line 8, in <module>
vherdrunner.start(vherdrunner.directories)
File "/usr/lib/applmgmt/base/bin/vherdrunner.py", line 120, in start
exec(code, childGlobals)
File "/usr/lib/applmgmt/linux_cli/bin/main-shell", line 11, in <module>
sys.exit(cli.main(sys.argv, products=('vherd', 'appliance')))
File "/usr/lib/applmgmt/linux_cli/py/vmware/vherd/linux_cli/cli.py", line 1457, in main
cliObject.connect(username, password,
File "/usr/lib/applmgmt/linux_cli/py/vmware/vherd/linux_cli/cli.py", line 326, in connect
expiry_status = getUserPasswordExpiryStatus(username)
File "/usr/lib/applmgmt/base/py/vmware/vherd/base/utils.py", line 168, in getUserPasswordExpiryStatus
raise Exception("Failed to execute password status script : "
Exception: Failed to execute password status script : Sorry, user test1 is not allowed to execute '/usr/lib/applmgmt/support/scripts/get_user_password_status.py' as root on [VCSA NAME].
VMware vCenter Server 8.0 Update 2d or later
The engineering team is working on the fix to address this in future patch.
To work around the issue, log in vCSA as root user and edit the following file using vim:
/usr/lib/applmgmt/base/py/vmware/vherd/base/utils.py
Change the line:
proc = subprocess.Popen(['sudo', support_script],
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
to
proc = subprocess.Popen(['sudo', '/bin/sudo_py_vmw_path_pp_wrapper.sh', support_script],
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
then, restart the appliance management service.
service-control --restart applmgmt