How to use SUDO with Power deployments ?

Question & Answer

Question

Because of security restrictions, the NIM, VIOS and HMC servers used for TSAM require to execute everything using SUDO. I would like to know if it is possible to use SUDO when deploying Power virtual machines?

Answer

TPM has the following support for the 'sudo' functionality at TPM core level ( SSH Service Access Points / Device.ExecuteCommand):

http://pic.dhe.ibm.com/infocenter/tivihelp/v45r1/topic/com.ibm.tivoli.tpm.wkf.doc/workflows/twkf_sudo.html

However the pSeries-Server and NIM tc-drivers do not have the full 'sudo' support (even if the steps described in the doc are done to configure SSH SAP for HMC and NIM computers) - see the limitations below:
- 'sudo' functionality will work only for the TPM create/remove LPAR, NIM deployment, dynamic resource allocations (CPU/memory)
- NIM discovery and HMC discovery will not support 'sudo' functionality, because the Device.ExecuteCommand workflow is not used in the these discoveries (commands are run directly from the perl script).
- Live Partition Mobility will not support 'sudo' functionality (HMC discovery, which does not support 'sudo', is run during the LPM workflow).

[{"Product":{"code":"SSFG5E","label":"Tivoli Service Automation Manager"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"General Information","Platform":[{"code":"PF033","label":"Windows"},{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"}],"Version":"7.2.4","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Tips

How to use SUDO with Power deployments ?

Question & Answer

Question

Answer

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?