Creating a privileged account using sudo

Some products that you install will require that you enter a root account and password to perform product configuration tasks. Instead of entering the root account and password, you can install and configure sudo, then create a sudo-privileged account, and enter the sudo account and password in place of the root account and password. You must install and configure sudo before you begin the product installation.

Related topics

Preparing-to-install-BMC-products-on-UNIX-computers

Installing-products-in-a-UNIX-environment

System-requirements-for-installing-on-UNIX-computers

To install and configure sudo

  1. Download sudo version 1.6.7p5 or later from the following URL: www.sudo.ws.
  2. Install sudo in the /usr/local/bin directory. If you install it in another location, create a link in /usr/local/bin directory to the location where sudo is installed.
  3. Reconfigure sudo to turn off password caching by entering the following command:
    ./configure --with-timeout=0
     Password caching causes sudo sessions to be on a timer, meaning one sudo operation could allow multiple operations without password authentication. The installation utility code that is used to support sudo expects a password prompt every time sudo is invoked; therefore, password caching should be turned off for sudo to work correctly with the installation utility.
  4. On the computer where you install sudo, enter the following lines for the User privilege specification in the sudoers file located in the local /etc directory:
    install_accountname ALL=(ALL) NOPASSWD:ALL
    Defaults:install_accountname shell_noargs, timestamp_timeout=0, !set_logname
     The variable install_accountname is the name that you give to your sudo-privileged account. These entries authenticate the user. The installation utility always expects a password prompt, so sudo must be configured to supply the password. No entries are required for the host alias, user alias, or command alias specifications.
    The following is an example sudoers file:
     #/etc/sudoers example file
     #Host alias specification
     #User alias specification
     #Cmnd alias specification
     #User privilege specification
    install_accountname ALL=(ALL) NOPASSWD:ALL
    Defaults:install_accountname shell_noargs, timestamp_timeout=0, !set_logname

     The variable install_accountname is the name that you give to your sudo-privileged account.

    After sudo is installed and configured, run the installation utility to perform the product installation. In the pages that require the root account and password, enter the sudo-privileged account and password instead.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*