PDA

View Full Version : SLES 12 SP4 Susperuser Permissions - for non root users



cisaksen
24-Jul-2019, 15:57
Is there some special process to make a regular user a "superuser" beyond the normal sudo permissions ?

cisaksen
24-Jul-2019, 18:53
Let me add some more info on this question: We are trying to run splunk enterprise 7.3.0 on SUSE 12 SP4 as a systemd process using this guide from splunk docs: https://docs.splunk.com/Documentation/Splunk/7.3.0/Admin/RunSplunkassystemdservice#Permissions_requirements

So far we have not been able to successfully run splunkd as a service using this method. I am able to modify this method by not running the $SPLUNK_HOME/bin/splunk enable boot-start -systemd-managed 1 -user splunk but using the service file anyway. It will run but not correctly.

The problem we keep running into is the "splunk" user account. This is what is stated but after giving it all the sudo rights I can it still will not work.
Permissions requirements
The enable boot-start command and systemd have the following permissions requirements:

Non-root users must have super user permissions to configure systemd using enable boot-start.
Non-root users must have super user permissions to run start, stop, restart under systemd.
For instructions on how to create a new user with super user permissions, see your Linux documentation. The specific steps can vary depending on the Linux distribution.

Now I can get the splunk user to run systemctl with no password as long as I put sudo in front of it. If I don't it will prompt me for the password, and from what testing I can do it seems that the splunk systemd process is not using sudo in it's commands under the covers.

Is there a way to allow a regular user (splunk) to run systemctl without a root password and without sudo in front? Yes I know not even remotely the best practice.

Thanks

malcolmlewis
25-Jul-2019, 01:25
Let me add some more info on this question: We are trying to run splunk enterprise 7.3.0 on SUSE 12 SP4 as a systemd process using this guide from splunk docs: https://docs.splunk.com/Documentation/Splunk/7.3.0/Admin/RunSplunkassystemdservice#Permissions_requirements

So far we have not been able to successfully run splunkd as a service using this method. I am able to modify this method by not running the $SPLUNK_HOME/bin/splunk enable boot-start -systemd-managed 1 -user splunk but using the service file anyway. It will run but not correctly.

The problem we keep running into is the "splunk" user account. This is what is stated but after giving it all the sudo rights I can it still will not work.
Permissions requirements
The enable boot-start command and systemd have the following permissions requirements:

Non-root users must have super user permissions to configure systemd using enable boot-start.
Non-root users must have super user permissions to run start, stop, restart under systemd.
For instructions on how to create a new user with super user permissions, see your Linux documentation. The specific steps can vary depending on the Linux distribution.

Now I can get the splunk user to run systemctl with no password as long as I put sudo in front of it. If I don't it will prompt me for the password, and from what testing I can do it seems that the splunk systemd process is not using sudo in it's commands under the covers.

Is there a way to allow a regular user (splunk) to run systemctl without a root password and without sudo in front? Yes I know not even remotely the best practice.

Thanks
Hi
As root user and visudo;



visudo

username ALL = NOPASSWD: /path/to/app/appname

cisaksen
25-Jul-2019, 13:14
Yup I have that code in a file under /etc/sudoers.d

In fact I went so far a to try

splunk ALL =(ALL) NOPASSWD:ALL

Still have the same problem. I my opinion the problem is in the way splunk is executing their program. I got it to work somewhat finally by running it as root. But this is just a workaround for now.

Thanks, at least i know I'm not going crazy with this. Was starting to think there was some new definition of what a superuser was on linux.