Active IQ Unified Manager Discussions

Rights needed for VM guest server monitoring

95HUSKERS
4,059 Views

We are working to try and setup Insight Balance to monitor the in guest OS. (servers as it's listed in Balance)

I see how to add credentials and to specify a proxy server, but I cannot find in the documentation where it says what rights/roles are needed to monitor inside of the guest.

So for example, when setting up a credential for our Linux VM's, what right/role does that credential need in the guest OS?

While I'm sure you could give the credential root in Linux or local administrator in Windows, is there a specific role/rights that we can give it so that it doesn't need full root/admin rights?

If so, is this documented somewhere?

1 ACCEPTED SOLUTION

mhowes
4,059 Views

Hi Drew,

This is documented in the Installation and Configuration Guide, under password authentication for Linux/UNIX servers. Have you configured the sudoers file on each of the Linux VMs? You need to add the Balance user to /etc/sudoers using the visudo command.

The following entries must be in your sudoers file, which can only be modified by running visudo as root. visudo can be found in /usr/local/sbin.

Defaults !env_reset

username hostname=NOPASSWD: /sbin/fdisk,/sbin/scsi_id,/lib/udev/scsi_id,/usr/local/bin/inq,/sbin/powermt,/usr/lib/vxvm/diag.d/vxdmpinq,/usr/lib/vxvm/diag.d/vxscsiinq,/usr/sbin/vxdisk,/sbin/dmsetup,/bin/mdadm,/sbin/lvm,/usr/local/bin/scsli,/opt/QLogic_Corporation/SANsurferCLI/scsli

where:

  • username is the username for accessing the Linux/UNIX server.
  • hostname is the FQDN/IP of the Linux/UNIX server. The hostname can be ALL to allow a connection from any host. (ALL) after the “=” is the UID with which you are allowed to sudo.

The default locations are assumed for these utilities. To enable a password prompt, change NOPASSWD to PASSWD.

View solution in original post

3 REPLIES 3

mhowes
4,060 Views

Hi Drew,

This is documented in the Installation and Configuration Guide, under password authentication for Linux/UNIX servers. Have you configured the sudoers file on each of the Linux VMs? You need to add the Balance user to /etc/sudoers using the visudo command.

The following entries must be in your sudoers file, which can only be modified by running visudo as root. visudo can be found in /usr/local/sbin.

Defaults !env_reset

username hostname=NOPASSWD: /sbin/fdisk,/sbin/scsi_id,/lib/udev/scsi_id,/usr/local/bin/inq,/sbin/powermt,/usr/lib/vxvm/diag.d/vxdmpinq,/usr/lib/vxvm/diag.d/vxscsiinq,/usr/sbin/vxdisk,/sbin/dmsetup,/bin/mdadm,/sbin/lvm,/usr/local/bin/scsli,/opt/QLogic_Corporation/SANsurferCLI/scsli

where:

  • username is the username for accessing the Linux/UNIX server.
  • hostname is the FQDN/IP of the Linux/UNIX server. The hostname can be ALL to allow a connection from any host. (ALL) after the “=” is the UID with which you are allowed to sudo.

The default locations are assumed for these utilities. To enable a password prompt, change NOPASSWD to PASSWD.

95HUSKERS
4,059 Views

mhowes,

This is exactly what I was looking for.  Thanks for your help!

Not sure how I missed it in the configuration guide...

Drew

mhowes
4,059 Views

Glad to hear it!

Mike

Public