Configuring privilege escalation with sudo
Sudo allows users to run applications and scripts with the security privileges of another user.
Getting ready
Before allowing someone to elevate their security context for a specific application or script, you need to figure out which user or group you wish to elevate from and to, which applications/scripts you use, and on which systems to run them.
The default syntax for a sudo entry is the following:
who where = (as_whom) what
How to do it…
These simple five steps will guide you through setting up privilege escalation:
Create a new
sudoers
definition file in/etc/sudoers.d/
called clustering through the following command:~]# visudo -f /etc/sudoers.d/clustering
Create a command alias for the most-used clustering tools called
CLUSTERING
by executing the following:Cmnd_Alias CLUSTERING = /sbin/ccs, /sbin/clustat, /sbin/clusvcadm
Now, create a host alias group for all the clusters called
CLUSTERS
, as follows:Host_Alias CLUSTERS = cluster1, cluster2
Next...