SD-WAN

 View Only
last person joined: 14 days ago 

Ask questions and share experiences with SD-WAN and Session Smart Router (formerly 128T).
  • 1.  User account without root access to power down a 128T router

    Posted 05-02-2018 00:00
    We have a customer wanting to power down their 128T routers for a scheduled power outage.¾Is there an Admin account that we can create for the customer to safely power down the router which doesn't have root access? We would like to create an account with limited privileges if possible. Any help is appreciated!


  • 2.  RE: User account without root access to power down a 128T router

     
    Posted 05-02-2018 00:00

    Hey Jeremy, the Linux host of a 128T node can be set up with any number of privileged and non-privileged users for administering the overall system. The 128T SW sets up `admin` user and `128t`, `128t-user` and `128t-admin` groups for the purposes of administration of the 128T SW.

     

    If an enterprises Linux system administration practices don't call for a particular user scheme, then as a matter of convention we'll typically set up nodes with a `t128` privileged user for doing system administration (so that the root user isn't required for logins). Check to see if you have the `t128` user on your hosts, and that they are in the `wheel` group:

    [user@host ~]$ groups t128 t128 : t128 wheel

    If you've got that, then the `t128` user should be able to gracefully power down the system with something like this:

    [user@host ~] sudo systemctl stop 128T && sudo shutdown -h now

     



  • 3.  RE: User account without root access to power down a 128T router

    Posted 05-02-2018 00:00

    Can the customer make negative impacting changes to the system logging in with 128t-user? Is this at a CLI level that they cannot make config changes?



  • 4.  RE: User account without root access to power down a 128T router

     
    Posted 05-02-2018 00:00

    Yeah, users that have the '128t-user' group are given read-only permissions on the 128T configuration.

     

    For example, when I add a user with a `user` role through the GUI, I can see it show up with the `128t-user` group in the Linux host.