For Linux users, add the following entries to the sudoers file:
Cmnd_Alias ACSSINSTALL = /bin/chmod, /bin/chown, \
/bin/chgrp, /bin/cp, /bin/ex, /usr/bin/unzip, \
/bin/grep, /bin/ls, /bin/mkdir, /bin/rmdir, \
/opt/exalytics/asr/bda_mon_hw_asr.pl, \
/usr/bin/passwd, /usr/sbin/groupadd, \
/usr/sbin/useradd, /usr/sbin/usermod, \
/usr/bin/ipmitool, /usr/bin/ipmitool, /usr/bin/xenstore-list, \
/opt/oracle/oak/oakcli, /usr/sbin/dmidecode, \
/opt/exalytics/asr/bda_mon_hw_asr.pl, \
<ServiceEMBase>/agent_home/core/<version>/root.sh,\
<ServiceEMBase>/agent_home/agent_<version>/root.sh,\
/opt/oracle.cellos/compmon/exadata_mon_hw_asr.pl, \
/opt/oracle.cellos/imageinfo, \
/opt/oracle/dbserver/dbms/bin/dbmcli, \
/opt/exalogic/usr/sbin/imageinfo, \
/usr/sbin/imageinfo, /usr/sbin/xm, \
/usr/bin/tfactl, /usr/bin/ahfctl, \
/tmp/install_ahf_no_cfg.sh, /tmp/install_ahf.sh, \
/opt/oracle/bda/bin/imageinfo, \
/usr/bin/exachk, \
/opt/oracle.ahf/exachk/exachk, \
/usr/local/bin/imageinfo, \
/opt/oracle/bda/bin/imageinfo, \
/usr/sbin/pca-admin, \
/usr/bin/virsh, \
/usr/bin/systemctl enable oracle-oasgagent.service, \
/usr/bin/systemctl start oracle-oasgagent.service, \
/usr/bin/systemctl stop oracle-oasgagent.service, \
/usr/bin/systemctl restart oracle-oasgagent.service, \
/usr/bin/systemctl status oracle-oasgagent.service, \
/sbin/chkconfig --add oasgagent, \
/sbin/chkconfig --on oasgagent, \
/sbin/chkconfig --off oasgagent, \
/sbin/service oasgagent start, \
/sbin/service oasgagent stop, \
/sbin/service oasgagent restart, \
/sbin/service oasgagent status, \
/usr/bin/python3 /tmp/db_compliance_check.py, \
/usr/bin/python2 /tmp/db_compliance_check.py
<user> ALL=(ALL) ACSSINSTALL
The user must also have the sudo binary in their path to allow it to execute without a full path.
If Oracle Enterprise Manager (OEM) agents are installed on an Exalogic, an NFS mount is configured by Oracle, and the user must also have the following command added to the profile:
Cmnd_Alias ACSSH/SCPAREDINSTALL = /bin/mount <user> ALL=(ALL) ACSSH/SCPAREDINSTALL