HPE Community
Disk Enclosures
1752793 Members
6547 Online
108789 Solutions
New Discussion юеВ

Re: allowing oracle to run pairdisplay horcm commands

 
Jeff Yaskus
New Member

тАО11-19-2008 11:46 AM

тАО11-19-2008 11:46 AM

allowing oracle to run pairdisplay horcm commands

I'm trying to allow the oracle user account to run the pairdisplay command.

I have installed SUDO and given the permission to run it.

/usr/local/etc/sudoers file :
%dba ALL= /HORCM/usr/bin/pairdisplay, /usr/bin/pairdisplay

BUT -- it seems these are calling other commands, which are not running as ROOT and thus -- are failing;

-bash-3.00$ sudo /HORCM/usr/bin/pairdisplay -g sqpr3
Password:
pairdisplay: [EX_ATTHOR] Can't be attached to HORC manager
Refer to the command log(/HORCM/log/horcc_sqprdbk2.log) for details.

BUT IT DOES WORK AS ROOT (of course);
-bash-3.00$ logout
logout
bash-3.00# /HORCM/usr/bin/pairdisplay -g sqpr3 2>&1 | head -5
Group PairVol(L/R) (Port#,TID, LU-M) ,Seq#,LDEV#.P/S,Status, Seq#,P-LDEV# M
sqpr3 sqpr3_000(L) (CL3-D ,44, 6-0 )32173 5700.S-VOL SSUS,----- 85 -
sqpr3 sqpr3_000(R) (CL2-A , 8, 4-0 )32173 85.P-VOL PSUS,32173 5700 W
sqpr3 sqpr3_001(L) (CL3-D ,44, 7-0 )32173 5702.S-VOL SSUS,----- 79 -
sqpr3 sqpr3_001(R) (CL2-A , 8, 2-0 )32173 79.P-VOL PSUS,32173 5702 W

Any ideas on how I can properly set this up using SUDO ... so that the DBAs can run this correctly?

The log suggests its trying to run a C program, which fails?
bash-3.00# tail - 50 /HORCM/log/horcc_sqprdbk2.log
CMDLINE : /HORCM/usr/bin/pairdisplay -g sqpr3
*********** SYSTEM ERROR ***********
P.P. : Raid Manager XP for HP-UX
Model : Raid-Manager-XP/HP-UX
Ver&Rev: 01.19.04
Release: Production

Host: sqprdbk2
EUserId: root (0)
Process: 22374

[System Call Error]
SysCall: bind
Errorno: 2 (No such file or directory)
ErrInfo: Internal Error
ErrTime: Wed Nov 19 11:39:35 2008
SrcFile: shorcmc.c
SrcLine: 653

11:39:36-04ccf-22374- 22374:HORCM death detected
11:39:39-2a9ed-22374- ERROR:cm_open[scmclcon() timeout_err]
11:39:39-2c366-22374- ERROR:horcm_lep_create
11:39:39-2d303-22374- [pairdisplay][exit(251)]
[EX_ATTHOR] Can't be attached to HORC manager
[Cause ]:Couldn't connect with the HORC manager.
[Action]:Please check if HORC manager is running or if HORCMINST is set correctly.
bash-3.00#
0 Kudos
Reply
2 REPLIES 2
Jeff Yaskus
New Member

тАО11-19-2008 03:38 PM

тАО11-19-2008 03:38 PM

Re: allowing oracle to run pairdisplay horcm commands

near as I can tell, this won't work ... the horcm commands seem to spawn off system calls and such which expect you to be root.

Only alternative I see now -- is letting them have full sudo to root access in order to run the commands.
0 Kudos
Reply
Jeff Yaskus
New Member

тАО11-20-2008 10:49 AM

тАО11-20-2008 10:49 AM

Re: allowing oracle to run pairdisplay horcm commands

it WILL work !!!

I created a script under /admin/ck and set the sticky bit (chmod 4540 /admin/ck)

The important thing was to include the shell at beginning of the script and set the HORCM variables.

bash-3.00# cat /admin/ck
#!/usr/local/bin/bash

#source horcm variables
declare -x HORCC_MRCF="1"
declare -x HORCMINST="0"

# running pairdisplay
pairdisplay -g $1

Now, to run it I logged in as oracle and ran the command "sudo /admin/ck sqpr3" ... and NOW it works!!!

so for the next time;
* set the variables for horcm
* set the shell at start of your script
* use setuid bit to run it as root
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.