Creating a super user on a Solaris operating system

You can create a user with the required permissions to run the adapter correctly on a workstation that uses a Solaris operating system.

About this task

In this example, the user is "tdiuser".

Procedure

  1. Create a user and specify the home directory.
    1. Issue the command: 
      useradd –d "/home/tdiuser" –s "/sbin/sh" –m tdiuser
    2. Ensure that the /home/tdiuser/.profile file exists. If not, you must create the .profile file.
    3. Set the following statement in the user PATH environment variable: 
      PATH=/usr/bin:/etc:/usr/local/sbin:/usr/local/bin

      The following commands must also be in the user path:

      mv, tee, cp, kill, mkdir, rm, sudo

      If the super user is used to log in and run commands, then '.' can be added to the PATH environment variable.

  2. Grant sudo permissions to the user for all commands.
    Note: By default, the sudo command requires user authentication before it runs a command. To modify this behavior, add the NOPASSWD tag to the sudoers file entry.
    1. Open the sudoers file.
      Issue the following command:
      bash-2.05b$ visudo
    2. If the line Defaults requiretty exists in the file, comment it out. 
      #Defaults requiretty
    3. Insert the following lines to allow sudo access.
      The entry beginning with tdiuser must be entered on a single line. It is displayed here as multiple lines for readability.
      # User privilege specification
tdiuser ALL=NOPASSWD:/usr/bin/passwd,/usr/sbin/useradd,
/usr/sbin/usermod,/usr/sbin/userdel,/usr/bin/tee,/usr/bin/chmod,
/usr/bin/cat,/usr/bin/logins,/usr/bin/ls,/usr/bin/ed,/usr/bin/cp,
/usr/sbin/groupadd,/usr/sbin/groupmod,/usr/sbin/groupdel,
/usr/bin/mkdir,/usr/bin/rm,/usr/bin/kill,/usr/bin/hostname
      The following commands are used by the connector but are not needed in the sudoers file. However, if the sudo user is used, the user needs execute permissions on these commands.
      /usr/bin/tr, /usr/bin/cut, /usr/bin/egrep, /usr/bin/awk, 
/usr/bin/sort, /usr/bin/ps, /usr/bin/sed
      Note: The UNIX and Linux Adapter does not support accessing the endpoint as a user with sudo log_output enabled.
    4. Validate the format of the /etc/sudoers file
      Issue the command: 
      visudo -c
      If syntax is wrong the command prompts an error message, for example:
      $ visudo -c 
        >>> sudoers file: syntax error, line 30 <<< 
        parse error in /etc/sudoers near line 30
      Note: The sudo access command paths that are listed here are an example. The actual command paths vary depending upon the resource. Ensure that the correct path is specified in the sudoers file.
  3. Set the password for the newly created user.
    Issue the command: 
    bash-2.05b$passwd tdiuser