[gpfsug-discuss] Sudo wrappers

Simon Thompson S.J.Thompson at bham.ac.uk
Wed Oct 10 16:58:51 BST 2018


OK, so I finally got a few minutes to play with the sudo wrappers.

I read the docs on the GPFS website, setup my gpfsadmin user and made it so that root can ssh as the gpfsadmin user to the host.

Except of course I’ve clearly misunderstood things, because when I do:

[myusername at bber-dssg02 bin]$ sudo /usr/lpp/mmfs/bin/mmgetstate -a
myusername at bber-afmgw01.bb2.cluster's password: myusername at bber-dssg02.bb2.cluster's password: myusername at bber-dssg01.bb2.cluster's password: myusername at bber-afmgw02.bb2.cluster's password:

Now “myusername” is … my username, not “gpfsadmin”. What I really don’t want to do is permit root to ssh to all the hosts in the cluster as “myusername”. I kinda thought the username it sshes as would be configurable, but apparently not…

Annoyingly, I can do:
[myusername at bber-dssg02 bin]$ sudo SUDO_USER=gpfsadmin /usr/lpp/mmfs/bin/mmgetstate -a

And that works fine… So is it possibly to set in a config file the user that the sudo wrapper works as?

(I get there are cases where you want to ssh as the original calling user)

Simon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20181010/6317be26/attachment.htm>


More information about the gpfsug-discuss mailing list