SD-WAN

We have a customer wanting to power down their 128T routers for a scheduled power outage.¾Is there an Admin account that we can create for the customer to safely power down the router which doesn't have root access? We would like to create an account with limited privileges if possible. Any help is appreciated!

Hey Jeremy, the Linux host of a 128T node can be set up with any number of privileged and non-privileged users for administering the overall system. The 128T SW sets up `admin` user and `128t`, `128t-user` and `128t-admin` groups for the purposes of administration of the 128T SW.

 

If an enterprises Linux system administration practices don't call for a particular user scheme, then as a matter of convention we'll typically set up nodes with a `t128` privileged user for doing system administration (so that the root user isn't required for logins). Check to see if you have the `t128` user on your hosts, and that they are in the `wheel` group:

[user@host ~]$ groups t128 t128 : t128 wheel

If you've got that, then the `t128` user should be able to gracefully power down the system with something like this:

[user@host ~] sudo systemctl stop 128T && sudo shutdown -h now

 

Can the customer make negative impacting changes to the system logging in with 128t-user? Is this at a CLI level that they cannot make config changes?

Yeah, users that have the '128t-user' group are given read-only permissions on the 128T configuration.

 

For example, when I add a user with a `user` role through the GUI, I can see it show up with the `128t-user` group in the Linux host.