Michael Erdely
653ee79a67
Changes: * Use sudo in service.sh for Darwin to find user services if not running as root * Fix parsing the output of softwareupdate command on Darwin in update.sh * Better document usage of sudo in docs/Sudo.md
45 lines
1.2 KiB
Markdown
45 lines
1.2 KiB
Markdown
# Sudo Usage
|
|
|
|
Some commands may need to use sudo or doas to execute. Below is documentation
|
|
for those cases.
|
|
|
|
## MacOS/Darwin service.sh
|
|
|
|
The service.sh script searches users' home directories and a splunk user does
|
|
not have rights to do that.
|
|
|
|
Create a file like /etc/sudoers.d/splunk and add:
|
|
|
|
```
|
|
splunk ALL=(root) NOPASSWD: /usr/bin/find /Users -name loginwindow.plist
|
|
```
|
|
|
|
## Docker
|
|
|
|
Either add the splunk user to the docker group or run the command with sudo.
|
|
To make sudo work, create a file like /etc/sudoers.d/splunk and add:
|
|
|
|
```
|
|
splunk ALL=(root) NOPASSWD: /usr/bin/docker stats --no-stream --no-trunc --all
|
|
splunk ALL=(root) NOPASSWD: /usr/bin/docker ps --all --no-trunc --format *
|
|
splunk ALL=(root) NOPASSWD: /usr/bin/docker inspect -f *
|
|
```
|
|
|
|
## Debian/Ubuntu apt update
|
|
|
|
A splunk user does not have the ability to update the package cache.
|
|
To make sudo work, create a file like /etc/sudoers.d/splunk and add:
|
|
|
|
```
|
|
splunk ALL=(root) NOPASSWD: /usr/bin/apt update
|
|
```
|
|
|
|
## Arch Linux pacman update cache
|
|
|
|
A splunk user does not have the ability to update the package cache.
|
|
To make sudo work, create a file like /etc/sudoers.d/splunk and add:
|
|
|
|
```
|
|
splunk ALL=(root) NOPASSWD: /usr/bin/pacman -Syy
|
|
```
|
|
|