Monday, 11 April 2011

sudo configuration on Solaris shared zones


Since /usr is read-only in a zone, it is not possible to make any changes to the sudo configuration from within shared zones. Use the visudo command from the global zone for the tasks below.

1. Create an alias for each zone with its corresponding hostname.


2. Use the above aliases on each line as below (user1 has privileges for the commands below on zone1, and user2 on zone2). It is mandatory that the user exists in the global zone.

user1 ZONE1=NOPASSWD:/usr/bin/passwd, /usr/sbin/useradd, /usr/sbin/usermod
user2 ZONE2=NOPASSWD:/usr/bin/passwd, /usr/sbin/useradd, /usr/sbin/usermod
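
A sudoers fragment combining both steps, as an added example that is not from the original post. The hostnames zone1-host and zone2-host and the alias names ZONE_USER_ADMIN and ZONE_PASSWD_NOROOT are assumptions; use the hostname each zone actually reports.

```sudoers
# Added example. Hostnames and the Cmnd_Alias names are placeholders.

# Step 1: one Host_Alias per zone. sudo running inside a zone matches
# the zone's own hostname against these entries, so the single shared
# sudoers file can grant different rights in each zone.
Host_Alias ZONE1 = zone1-host
Host_Alias ZONE2 = zone2-host

# The three commands from the post, grouped so both rules stay in sync.
Cmnd_Alias ZONE_USER_ADMIN = /usr/bin/passwd, /usr/sbin/useradd, \
                             /usr/sbin/usermod

# Step 2: bind each user to its zone alias. user1 gets nothing on
# ZONE2 or the global zone, and user2 gets nothing on ZONE1.
user1 ZONE1 = NOPASSWD: ZONE_USER_ADMIN
user2 ZONE2 = NOPASSWD: ZONE_USER_ADMIN

# Stricter variant for the passwd entry, following the pattern in the
# sudoers manual: require a username argument and refuse root's.
# useradd and usermod still manage every account in the zone, so the
# delegation as a whole remains highly privileged there; review it
# with that in mind.
# Cmnd_Alias ZONE_PASSWD_NOROOT = /usr/bin/passwd [A-Za-z]*, \
#                                 !/usr/bin/passwd root
```

After saving, `visudo -c` in the global zone checks the file's syntax, and `sudo -l` run as user1 inside zone1 shows the commands that actually apply there.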

