Skip to content
  • There are no suggestions because the search field is empty.

How to add users to a sudo group to run specific root privileged commands in NetWitness

Issue

Non-root users need to run specific root-privileged commands.


Resolution

In this example, user "user1" needs to run the command "status nwlogcollector" to check the status of the service. Here is how to do it :

1. Create a SUDO group, call it sudogrp, using the following :
# groupadd sudogrp

2. Add existing user to above group:
# usermod -G sudogrp user1
 
3. Change permission on file /etc/sudoers:
# chmod 640 /etc/sudoers
 
4. Modify the file , using vi , and include the following lines at the end of the file /etc/sudoers. This allows the user to run just the specified command at an elevated privilege:
%sudogrp ALL = NOPASSWD: /sbin/status
 
5. Save the file.
 
6. Change the permission on /etc/sudoers back to 440:  
# chmod 440 /etc/sudoers
 
7. You should now be able to log in with user1 and run the specified root-privileged command. For example to check the status of nwlogcollector:
# sudo status nwlogcollector

Product Details

RSA Product Set: NetWitness Platform
RSA Product/Service Type:  All NetWitness Appliances
RSA Version: 12+

Approval Reviewer Queue

Technical approval queue