sudo insufficient permissions for MegaRAID #146
Comments
|
AFAIK you are not escalating privileges with zabbix, just executing it with its user. Try to login as zabbix: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The described permissions for sudoers.d are unfortunately not sufficient for Zabbix to do a discovery, nor to read out SMART attributes for MegaRAID.
Is there any workaround?
Details are below:
[root@io02 ~]# sudo -u zabbix groups
zabbix disk
[root@io02 ~]# sudo -u zabbix /usr/sbin/smartctl --scan
/dev/sda -d scsi # /dev/sda, SCSI device
/dev/sdb -d scsi # /dev/sdb, SCSI device
/dev/sdd -d scsi # /dev/sdd, SCSI device
(megaraid devices are not found...)
[root@io02 ~]# sudo -u zabbix /usr/sbin/smartctl -a /dev/bus/0 -d megaraid,65
smartctl 7.0 2018-12-30 r4883 [x86_64-linux-3.10.0-1062.4.3.el7.x86_64] (local build)
Copyright (C) 2002-18, Bruce Allen, Christian Franke, www.smartmontools.org
Smartctl open device: /dev/bus/0 [megaraid_disk_65] failed: cannot open /dev/megaraid_sas_ioctl_node or /dev/megadev0
[root@io02 ~]# ll /dev/megaraid_sas_ioctl_node
cr--r----- 1 root root 243, 0 Jul 28 10:49 /dev/megaraid_sas_ioctl_node
On the other hand, as "root" it is possible to do the discovery scan and readout:
[root@io02 ~]# /usr/sbin/smartctl --scan
/dev/sda -d scsi # /dev/sda, SCSI device
/dev/sdb -d scsi # /dev/sdb, SCSI device
/dev/sdd -d scsi # /dev/sdd, SCSI device
/dev/bus/0 -d megaraid,38 # /dev/bus/0 [megaraid_disk_38], SCSI device
/dev/bus/0 -d megaraid,39 # /dev/bus/0 [megaraid_disk_39], SCSI device
/dev/bus/0 -d megaraid,40 # /dev/bus/0 [megaraid_disk_40], SCSI device
/dev/bus/0 -d megaraid,41 # /dev/bus/0 [megaraid_disk_41], SCSI device
...
[root@io02 ~]# /usr/sbin/smartctl -a /dev/bus/0 -d megaraid,65 | grep defect
Grown defects during certification
Elements in grown defect list: 0
The text was updated successfully, but these errors were encountered: