Forum Stats

  • 3,876,221 Users
  • 2,267,082 Discussions
  • 7,912,474 Comments

Discussions

Is it possible to install SGD as an account other than root

4240417
4240417 Member Posts: 2
edited Apr 29, 2020 12:58PM in Secure Global Desktop

Our cloud services do not provide our projects with root account passwords. Instead they provide us with sudo capability.

However, the SGD product requires the initial login as Administrator using the root password.

Is it possible to install as a non-root account (e.g., oracle)? or to use a tarantella command to change the Administrator password account post install to use a non-root account?

Best Answer

  • Jan-Oracle
    Jan-Oracle Member Posts: 122 Employee
    edited Apr 28, 2020 12:28PM Answer ✓

    I am afraid the product needs to be installed with root privileges, and some command line options also require root privileges (eg. tarantella start/stop).

    It is possible to elevate any normal Unix user to Global Administrator role privileges by adding the according User Profile to that role.

    This will create a new user and SGD user profile (I put the profile in the Tarantella System Objects location, but you can change that to suit your needs)

    useradd -m -c 'sgd administrator' sgdadmin && echo sgdadmin:SGDadminPassword | chpasswdtarantella object new_person --surname "SGD Administrator" --name "o=tarantella system objects/cn=sgdadmin" --user "sgdadmin"tarantella role add --role "o=Tarantella System Objects/cn=Global Administrators" --member "o=tarantella system objects/cn=sgdadmin"

    Now the user sgdadmin has the same privileges as the default Administrator user when authenticated to SGD

Answers

  • Jan-Oracle
    Jan-Oracle Member Posts: 122 Employee
    edited Apr 28, 2020 12:28PM Answer ✓

    I am afraid the product needs to be installed with root privileges, and some command line options also require root privileges (eg. tarantella start/stop).

    It is possible to elevate any normal Unix user to Global Administrator role privileges by adding the according User Profile to that role.

    This will create a new user and SGD user profile (I put the profile in the Tarantella System Objects location, but you can change that to suit your needs)

    useradd -m -c 'sgd administrator' sgdadmin && echo sgdadmin:SGDadminPassword | chpasswdtarantella object new_person --surname "SGD Administrator" --name "o=tarantella system objects/cn=sgdadmin" --user "sgdadmin"tarantella role add --role "o=Tarantella System Objects/cn=Global Administrators" --member "o=tarantella system objects/cn=sgdadmin"

    Now the user sgdadmin has the same privileges as the default Administrator user when authenticated to SGD

  • 4240417
    4240417 Member Posts: 2
    edited Apr 29, 2020 12:58PM

    That works Thankyou!

    one clarification to syntax above is to use role "add_member".

    arantella role add_member --role "o=Tarantella System Objects/cn=Global Administrators" --member "o=tarantella system objects/cn=sgdadmin"