15.76 racli enable root_access

Enables sudo to root access for the user. Requires quorum.

Syntax

racli enable root_access [--request_id=req_id] [--local_only] [--expire=num_hours]

Options

If compliance mode is enabled, a quorum is needed to disable access.

If compliance mode is not enabled, quorum is not needed.

--request_id

The request id for the disable request.

--local_only

Makes this command is local_only. This can be run on the local node, but cannot be run on other nodes

--expire

The number of hours to enable root access for. After this time, root access will be automatically disabled. Default value is 24 hours.

Details

This command is local_only. This can be run on the local node, but cannot be run on other nodes.

Use racli enable root_access when temporary sudo access is required for the root user. The access logs for sudo are found in /var/log/secure. For example:
Jul 25 07:19:27 <hostname> sudo[60125]: raadmin : TTY=pts/0 ; PWD=/rausers/<admin_user> ;
 USER=root ; COMMAND=/opt/oracle.RecoveryAppliance/bin/racli add db_user --user_name=<user_name> 
--user_type=vpc --tenant_identifier=xxxxxxxxxxx --tenant_name=<tenant_name>