1. #vi /user/local/etc/sudoers --> 위 항목 추가
2. 각 노드마다 진행해야 한다.
---------------------------------------------------------------
Isilon-1# cd /usr/local/etc/
Isilon-1# vi sudoers
## This file is auto-generated by /etc/mcp/scripts/sudoers.py.
User_Alias ADMINS = compadmin
User_Alias REMOTESUPPORT = remotesupport
Cmnd_Alias PROCESSES = /bin/kill, /usr/bin/renice, \
/usr/bin/pkill, /usr/bin/top, /usr/bin/killall
Cmnd_Alias SYSADMIN = /bin/date, /sbin/sysctl, /sbin/shutdown, \
/bin/ps, /usr/sbin/ntpdate, /sbin/ifconfig, \
/usr/sbin/nfsstat, /usr/sbin/pciconf, \
/usr/sbin/tcpdump
Cmnd_Alias ISI = /usr/bin/isi
Cmnd_Alias ISI_ADMIN = /usr/bin/isi_classic, /usr/bin/isi_for_array, \
/usr/bin/isi_gconfig, /usr/bin/isi_job_d, \
/usr/bin/isi_vol_copy
Cmnd_Alias ISI_SUPPORT = /usr/bin/gcore, /usr/bin/isi_bootdisk_status, \
/usr/bin/isi_cache_stats, \
/usr/bin/isi_client_stats, /usr/bin/isi_cpr, \
/usr/bin/isi_dmi_info, /usr/bin/isi_dmilog, \
/usr/bin/isi_dongle_sync, \
/usr/bin/isi_drivenum, \
/usr/bin/isi_dsp_install, \
/usr/bin/isi_dumpjournal, \
/usr/bin/isi_eth_mixer_d, \
/usr/bin/isi_evaluate_provision_drive, \
/usr/bin/isi_flush, \
/usr/bin/isi_gather_auth_info, \
/usr/bin/isi_gather_cluster_info, \
/usr/bin/isi_gather_info, \
/usr/bin/isi_get_itrace, \
/usr/bin/isi_get_profile, \
/usr/bin/isi_hangdump, /usr/bin/isi_hw_status, \
/usr/bin/isi_ib_bug_info, /usr/bin/isi_ilog, \
/usr/bin/isi_imdd_status, \
/usr/bin/isi_inventory_tool, \
/usr/bin/isi_km_diag, \
/usr/bin/isi_linmap_mod, \
/usr/bin/isi_make_abr, /usr/bin/isi_nodes, \
/usr/bin/isi_ntp_config, \
/usr/bin/isi_ovt_check, /usr/bin/isi_patch_d, \
/usr/bin/isi_promptsupport, \
/usr/bin/isi_radish, \
/usr/bin/isi_repstate_mod, \
/usr/bin/isi_restill, \
/usr/bin/isi_save_itrace, \
/usr/bin/isi_send_abr, \
/usr/bin/isi_smbios, \
/usr/bin/isi_stats_tool, \
/usr/bin/isi_transform_tool, \
/usr/bin/isi_ufp, \
/usr/bin/isi_update_cto, \
/usr/bin/isi_vol_copy, \
/usr/bin/isi_vol_copy_vnx, \
/usr/bin/nfsstat, \
/usr/sbin/isi_bootdisk_finish, \
/usr/sbin/isi_bootdisk_provider_dev, \
/usr/sbin/isi_bootdisk_unlock, \
/usr/sbin/isi_checkjournal, \
/usr/sbin/isi_disk_firmware_reboot, \
/usr/sbin/isi_clean_idmap, \
/usr/sbin/isi_fsa_tool, \
/usr/sbin/isi_kill_busy, \
/usr/sbin/isi_lid_d, \
/usr/sbin/isi_logstore, \
/usr/sbin/isi_mcp, \
/usr/sbin/isi_netlogger, \
/usr/sbin/isi_rbm_ping, \
/usr/sbin/isi_savecore, \
/usr/sbin/isi_umount_ifs
Cmnd_Alias ISI_HWTOOLS = /usr/bin/isi_hwtools/isi_cto_convert, \
/usr/bin/isi_hwtools/isi_cto_update, \
/usr/bin/isi_hwtools/isi_cto_upgrade, \
/usr/bin/isi_hwtools/isi_fcb_vpd_tool, \
/usr/bin/isi_hwtools/isi_fputil, \
/usr/bin/isi_hwtools/isi_flexnet_info, \
/usr/bin/isi_hwtools/isi_hw_check, \
/usr/bin/isi_hwtools/isi_ib_fw, \
/usr/bin/isi_hwtools/isi_ib_info, \
/usr/bin/isi_hwtools/isi_ipmicmc, \
/usr/bin/isi_hwtools/isi_lsiexputil, \
/usr/bin/isi_hwtools/isi_mpsutil, \
/usr/bin/isi_hwtools/isi_mps_fw_status, \
/usr/bin/isi_hwtools/isi_mpt_fw_status, \
/usr/bin/isi_hwtools/isi_ovt_check, \
/usr/bin/isi_hwtools/isi_rnvutil, \
/usr/bin/isi_hwtools/isi_sasphymon, \
/usr/bin/isi_hwtools/isi_sed, \
/usr/bin/isi_hwtools/isi_update_serialno, \
/usr/bin/isi_hwtools/isi_vitutil, \
/sbin/nvmecontrol
Cmnd_Alias REMOTE_SUPPORT_CMDS = /usr/bin/remotesupport/GetATAControlAndGMirror, \
/usr/bin/remotesupport/GetClusterEvents, \
/usr/bin/remotesupport/GetClusterStatus, \
/usr/bin/remotesupport/GetContactInfo, \
/usr/bin/remotesupport/GetContents-isi_client_stats, \
/usr/bin/remotesupport/GetNfsClients, \
/usr/bin/remotesupport/GetReadonlyStatus, \
/usr/bin/remotesupport/IsiGatherInfo, \
/usr/bin/remotesupport/IsiGatherInfo-Incremental, \
/usr/bin/remotesupport/IsiGatherInfo-Incremental-SingleNode, \
/usr/bin/remotesupport/IsiGatherInfo-SingleNode, \
/usr/bin/remotesupport/clean_watch_folders, \
/usr/bin/remotesupport/generate_dashboard_file_daily, \
/usr/bin/remotesupport/generate_dashboard_file_interval, \
/usr/bin/remotesupport/get_contents_var_crash, \
/usr/bin/remotesupport/get_data_abr, \
/usr/bin/remotesupport/get_data_application, \
/usr/bin/remotesupport/get_data_cluster, \
/usr/bin/remotesupport/get_data_domain, \
/usr/bin/remotesupport/get_data_fs, \
/usr/bin/remotesupport/get_data_ib, \
/usr/bin/remotesupport/get_data_logs, \
/usr/bin/remotesupport/get_data_messages, \
/usr/bin/remotesupport/get_data_network, \
/usr/bin/remotesupport/get_data_node, \
/usr/bin/remotesupport/get_data_protocol, \
/usr/bin/remotesupport/get_data_usage, \
/usr/bin/remotesupport/get_job_status, \
/usr/bin/remotesupport/restart_node, \
/usr/bin/remotesupport/tail_messages, \
/usr/bin/remotesupport/upload_messages
Cmnd_Alias ISI_PRIV_ANTIVIRUS = /usr/bin/isi avscan*
Cmnd_Alias ISI_PRIV_CLUSTER = /usr/bin/isi email*, \
/usr/bin/isi version*
Cmnd_Alias ISI_PRIV_EVENT = /usr/bin/isi alert*, \
/usr/bin/isi events*
Cmnd_Alias ISI_PRIV_DEVICES = /usr/bin/isi devices*, \
/usr/bin/isi servicelight*
Cmnd_Alias ISI_PRIV_FTP = /usr/bin/isi ftp*
Cmnd_Alias ISI_PRIV_ISCSI = /usr/bin/isi iscsi*, \
/usr/bin/isi lun*, \
/usr/bin/isi target*
Cmnd_Alias ISI_PRIV_LICENSE = /usr/bin/isi license*
Cmnd_Alias ISI_PRIV_NDMP = /usr/bin/isi ndmp*, \
/usr/bin/isi tape*
Cmnd_Alias ISI_PRIV_NETWORK = /usr/bin/isi networks*
Cmnd_Alias ISI_PRIV_SMARTPOOLS = /usr/bin/isi filepool*
Cmnd_Alias ISI_PRIV_SNMP = /usr/bin/isi snmp*
Cmnd_Alias ISI_PRIV_STATISTICS = /usr/bin/isi batterystatus*, \
/usr/bin/isi perfstat*, \
/usr/bin/isi stat*, \
/usr/bin/isi statistics*, \
/usr/bin/isi status*
Defaults syslog=auth
root ALL=(ALL) ALL
admin ALL=(ALL) ALL
ADMINS ALL=(ALL) NOPASSWD: PROCESSES, SYSADMIN, ISI, ISI_ADMIN, \
ISI_SUPPORT, ISI_HWTOOLS
REMOTESUPPORT ALL=(ALL) NOPASSWD: REMOTE_SUPPORT_CMDS
## begin auto-generated RBAC entries
User_Alias SECURITYADMIN = #10
User_Alias SYSTEMADMIN = #10
sudoers: 171 lines, 7258 characters.
Isilon-1#
---------------------------------------------------------------
댓글 없음:
댓글 쓰기
참고: 블로그의 회원만 댓글을 작성할 수 있습니다.