Which sudo command need the SSH user

Issue

  • Is it possible to remove sudo permission from SSH account?
  • Is the SSH user still needed other than to perform manual troubleshooting, can we delete this user?
  • Once the installation is completed, Could we remove sudo permission from SSH account?

Environment

Resolution

The SSH user who is used for certain cluster operation such as cluster-init, worker-add, worker-restart, pse-support, …needs sudo permissions because they access to configuration/logs files which requires from that privileges

These are the commands performed with sudo by the SSH user:

COMMAND=/bin/cat
COMMAND=/bin/chmod
COMMAND=/bin/cp
COMMAND=/bin/docker
COMMAND=/bin/firewall-cmd
COMMAND=/bin/id
COMMAND=/bin/install
COMMAND=/bin/mkdir
COMMAND=/bin/mount
COMMAND=/bin/nmcli
COMMAND=/bin/rm
COMMAND=/bin/rmdir
COMMAND=/bin/sed
COMMAND=/bin/sh
COMMAND=/bin/su
COMMAND=/bin/sudo
COMMAND=/bin/systemctl
COMMAND=/bin/tee
COMMAND=/bin/touch
COMMAND=/bin/umount
COMMAND=/bin/yum
COMMAND=/etc/init.d/topbeat
COMMAND=/home/packer/dna-config/configure-docker
COMMAND=/home/packer/dna-config/configure-http-proxy
COMMAND=/sbin/useradd
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.