Results 1 to 4 of 4

Thread: Susperuser Permissions - for non root users

Hybrid View

  1. Susperuser Permissions - for non root users

    Is there some special process to make a regular user a "superuser" beyond the normal sudo permissions ?

  2. Re: Susperuser Permissions - for non root users

    Let me add some more info on this question: We are trying to run splunk enterprise 7.3.0 on SUSE 12 SP4 as a systemd process using this guide from splunk docs: https://docs.splunk.com/Documentatio...s_requirements

    So far we have not been able to successfully run splunkd as a service using this method. I am able to modify this method by not running the $SPLUNK_HOME/bin/splunk enable boot-start -systemd-managed 1 -user splunk but using the service file anyway. It will run but not correctly.

    The problem we keep running into is the "splunk" user account. This is what is stated but after giving it all the sudo rights I can it still will not work.
    Permissions requirements
    The enable boot-start command and systemd have the following permissions requirements:

    Non-root users must have super user permissions to configure systemd using enable boot-start.
    Non-root users must have super user permissions to run start, stop, restart under systemd.
    For instructions on how to create a new user with super user permissions, see your Linux documentation. The specific steps can vary depending on the Linux distribution.


    Now I can get the splunk user to run systemctl with no password as long as I put sudo in front of it. If I don't it will prompt me for the password, and from what testing I can do it seems that the splunk systemd process is not using sudo in it's commands under the covers.

    Is there a way to allow a regular user (splunk) to run systemctl without a root password and without sudo in front? Yes I know not even remotely the best practice.

    Thanks

  3. Re: Susperuser Permissions - for non root users

    Quote Originally Posted by cisaksen View Post
    Let me add some more info on this question: We are trying to run splunk enterprise 7.3.0 on SUSE 12 SP4 as a systemd process using this guide from splunk docs: https://docs.splunk.com/Documentatio...s_requirements

    So far we have not been able to successfully run splunkd as a service using this method. I am able to modify this method by not running the $SPLUNK_HOME/bin/splunk enable boot-start -systemd-managed 1 -user splunk but using the service file anyway. It will run but not correctly.

    The problem we keep running into is the "splunk" user account. This is what is stated but after giving it all the sudo rights I can it still will not work.
    Permissions requirements
    The enable boot-start command and systemd have the following permissions requirements:

    Non-root users must have super user permissions to configure systemd using enable boot-start.
    Non-root users must have super user permissions to run start, stop, restart under systemd.
    For instructions on how to create a new user with super user permissions, see your Linux documentation. The specific steps can vary depending on the Linux distribution.


    Now I can get the splunk user to run systemctl with no password as long as I put sudo in front of it. If I don't it will prompt me for the password, and from what testing I can do it seems that the splunk systemd process is not using sudo in it's commands under the covers.

    Is there a way to allow a regular user (splunk) to run systemctl without a root password and without sudo in front? Yes I know not even remotely the best practice.

    Thanks
    Hi
    As root user and visudo;

    Code:
    visudo
    
    username ALL = NOPASSWD: /path/to/app/appname
    Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
    SUSE SLE, openSUSE Leap/Tumbleweed (x86_64) | GNOME DE
    If you find this post helpful and are logged into the web interface,
    please show your appreciation and click on the star below... Thanks!

  4. Re: Susperuser Permissions - for non root users

    Yup I have that code in a file under /etc/sudoers.d

    In fact I went so far a to try

    splunk ALL =(ALL) NOPASSWD:ALL

    Still have the same problem. I my opinion the problem is in the way splunk is executing their program. I got it to work somewhat finally by running it as root. But this is just a workaround for now.

    Thanks, at least i know I'm not going crazy with this. Was starting to think there was some new definition of what a superuser was on linux.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •