Safeguard for Sudo generates log files containing event timestamps based on the local clock of the authorizing policy server.
To synchronize all policy servers in the policy group, use Network Time Protocol (NTP) or a similar method of your choice.
Safeguard for Sudo generates log files containing event timestamps based on the local clock of the authorizing policy server.
To synchronize all policy servers in the policy group, use Network Time Protocol (NTP) or a similar method of your choice.
Once you have installed and configured the primary policy server, you are ready to install a Sudo Plugin on a remote host.
To check a Sudo Plugin host for installation readiness
Log on to the remote host system as the root user and navigate to the files you extracted on the primary policy server.
From the root directory, run a readiness check to verify the host meets the requirements for installing and using the Sudo Plugin, by running:
# sh pmpreflight.sh --sudo --policyserver <myhost>
where <myhost> is the hostname of the primary policy server.
Running pmpreflight.sh --sudo performs these tests:
Basic Network Conditions:
Hostname is configured
Hostname can be resolved
Reverse lookup returns it own IP
Policy Server Connectivity
Hostname of policy server can be resolved
Can ping the policy server
Can make a connection to policy server
Policy server is eligible for a join
Sudo Installation
sudo is present on the host
sudo is in a functional state
sudo is version 1.8.1 (or later)
Prerequisites to support off-line policy caching
SSH keyscan is available
Policy server port is available
Resolve any reported issues and rerun pmpreflight until all tests pass.
To install a Sudo Plugin on a remote host
Log on as the root user.
Change to the directory containing the qpm-plugin package for your specific platform. For example, on a 64-bit Red Hat Linux, enter:
# cd sudo_plugin/linux-x86_64
Run the platform-specific installer. For example, on Red Hat Linux run:
# rpm --install qpm-plugin-*.rpm
Once you install the Sudo Plugin package, the next task is to join it to the policy server.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center