Creating a super user on an AIX operating system

You can create a user with the permissions that are required to run the adapter correctly on a workstation that uses an AIX® operating system.

About this task

In this task, the user is "tdiuser".

Procedure

  1. Create a user.
    1. Issue the command:
      mkuser home="/home/tdiuser" shell="/usr/bin/ksh" tdiuser
    2. Set the following statement in the user PATH environment variable:
      PATH=/usr/bin:/etc:/usr/sbin:/usr/ucb:$HOME/bin:/usr/bin/X11:/sbin:/usr/local/bin

      The following commands must be in the user path:

      mv, tee, cp, kill, chsec, mkdir, rm, sudo

      If the super user is used to log in and run commands, then '.' can be added to the PATH environment variable.

  2. Grant sudo permissions to the user for AIX commands.
    Note: By default, the sudo command requires user authentication before it runs a command. To modify this behavior, add the NOPASSWD tag to the sudoers file entry.
    1. Open the sudoers file.
      Issue the following command:
      bash-2.05b$ visudo
    2. If the line Defaults requiretty exists in the file, comment it out.
      #Defaults requiretty
    3. Insert the following lines to allow sudo access.
      The entry beginning with tdiuser must be entered on a single line. It is displayed here as multiple lines for readability.
      # User privilege specification
      tdiuser ALL=NOPASSWD:/usr/bin/pwdadm,/usr/bin/passwd,/usr/bin/mkuser,
      /usr/sbin/rmuser,/usr/bin/chuser,/usr/bin/chmod,/usr/bin/cat,
      /usr/bin/rm,/usr/bin/tee,/usr/bin/ed,/usr/bin/groups,/usr/bin/ls,
      /usr/bin/logins,/usr/sbin/lsuser,/usr/bin/mv,/usr/sbin/lsgroup,
      /usr/bin/chpasswd,/usr/bin/chsec,/usr/sbin/usermod,/usr/sbin/lsrole,
      /usr/bin/mkgroup,/usr/sbin/rmgroup,/usr/bin/chgroup,/usr/bin/mkrole,
      /usr/sbin/rmrole,/usr/bin/chrole,/usr/bin/mkdir,/usr/bin/rm,
      /usr/bin/kill,/usr/bin/hostname
      The following commands are used by the connector but are not needed in the sudoers file. However, if the sudo user is used, the user needs execute permissions on these commands.
      /usr/bin/tr, /usr/bin/cut, /usr/bin/egrep, /usr/bin/awk, 
      /usr/bin/sort, /usr/bin/ps, /usr/bin/sed
      
      Note: The UNIX and Linux Adapter does not support accessing the endpoint as a user with sudo log_output enabled.
    4. Validate the format of the /etc/sudoers file.
      Issue the command:
      visudo -c
      If the syntax is wrong, the command displays an error message, for example:
      $ visudo -c
      >>> sudoers file: syntax error, line 30 <<<
      parse error in /etc/sudoers near line 30
      Note: The sudo access command paths that are listed here are an example. The actual command paths vary depending upon the resource. Ensure that the correct path is specified in the sudoers file.
  3. Set the password for the newly created user.
    Issue the command:
    bash-2.05b$ passwd tdiuser
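
visudo -c validates the syntax of the sudoers file, not whether the listed command paths exist on the host. The following script is an added example, not part of the IBM procedure: it reads the single-line tdiuser entry in the form shown above and reports paths that are missing, not executable, world-writable, or listed twice. The function name audit_sudo_entry and the sample paths are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not IBM's code. Audits the command list of the sudoers entry
# for one user, in the single-line "user ALL=NOPASSWD:cmd,cmd,..." form.
# Prints one finding per line and returns 1 if there are any, else 0.
audit_sudo_entry() {
    file=$1 user=$2 seen=" " status=0
    # Keep only the comma-separated command list of the user's entry.
    cmds=$(grep "^$user[[:space:]]" "$file" |
        sed -e 's/^[^=]*=[[:space:]]*//' -e 's/^NOPASSWD:[[:space:]]*//' |
        tr '\n' ',')
    old_ifs=$IFS
    set -f                      # sudoers wildcards must not glob here
    IFS=,
    for p in $cmds; do
        IFS=$old_ifs
        # Trim leading blanks and drop any command arguments.
        p=$(printf '%s\n' "$p" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]].*$//')
        [ -n "$p" ] || continue
        case $seen in
            *" $p "*) echo "DUPLICATE $p"; status=1; continue ;;
        esac
        seen="$seen$p "
        if [ ! -e "$p" ]; then
            echo "MISSING $p"; status=1       # wrong path for this host
        elif [ ! -x "$p" ]; then
            echo "NOEXEC $p"; status=1
        elif [ "$(ls -ldL "$p" | cut -c9)" = w ]; then
            echo "WRITABLE $p"; status=1      # any user could replace it
        fi
    done
    IFS=$old_ifs
    set +f
    return $status
}

# Constructed sample entry (placeholder paths, not a recommended rule).
sample=$(mktemp)
echo 'tdiuser ALL=NOPASSWD:/bin/ls,/no/such/dir/chsec,/bin/cat,/bin/ls' > "$sample"
audit_sudo_entry "$sample" tdiuser || echo "entry needs review"
rm -f "$sample"
```

Run the function as a user who can read the sudoers file, for example against a copy of /etc/sudoers, after visudo -c reports no syntax errors.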