In a flexible management environment, you can use sudo
to allow a substitute user to perform commands on the target host.
Before you begin
Centralized Installation Manager (CIM) only supports the
use of username/password authentication with sudo credentials. The
sudo option is supported on AIX, HP-UX, Linux, and Solaris operation
systems only. The sudo function is an optional feature in some AIX,
HP-UX, Linux, or Solaris installations. Make sure the sudo function
is installed in the target hosts. Use of public/private key authentication
with sudo is not supported. Target hosts must have ssh installed and
configure the /etc/sudoers file to give the permission
of the user to switch to the target user. In addition, requiretty
should not be specified.
About this task
The sudo command allows you to use your own id to log in
to the system, then use the sudo command to change to the common user
name and run commands on target hosts. Use the following steps to
set up your system to use sudo.
Procedure
- Edit the setup file: /etc/sudoers.
- Log in as root and run the visudo command.
- Disable: Defaults requiretty
- Authorize the desired user to run /bin/sh in WebSphere.
For example:## Comment out requiretty
#Defaults requiretty
## These options allow user user1 to switch to user websphere and run /bin/sh
user1 ALL=(websphere) /bin/sh
## This options allow user fmhwong to switch to root and run /bin/sh
user1 ALL=(root) /bin/sh
- You can use sudo when using the administrative console:
- When registering a new host:
- Log in to the administrative console.
- Click .
- Enter the Hostname.
- Enter your username and password.
- Select the use sudo option.
- Enter the sudo username and/or password
- In step 2 of the job submission wizard: If
you did not check the save security checkbox when registering the
host, you must provide the credential information
- Log in to the administrative console. Click Submit.
- Select a job type and provide a description, click Next.
- In the Target authentication section, enter the username.
- Select Password authentication and enter
your password.
- Select Use sudo.
- Enter the sudo username and/or sudo password.
- You can use sudo when using the wsadmin commands:
- You have three sudo paramaters when using wsadmin commands
with CIM. For example:
AdminTask.registerHost('-host host1 -hostProps [[osType linux][username user1]
[password ******][sudoUsername websphere][saveSecurity true][useSudo true]]')
Results
Users are able to log in using their user name and password
and then use sudo to switch to the common user name to run commands
on target hosts.