Skip to main content
Skip table of contents

Sudo privilege requirements for Db2 environments

This topic describes the rationale behind specific sudo privilege requirements for virtualizing Db2 Databases.   

Privilege

Sources

Targets and Staging

Rationale

mkdir/rmdir

Not Required

Required

Delphix dynamically makes and removes directories under the provisioning directory during VDB operations. This privilege is optional, provided the provisioning directory permissions allow the delphix os user to make and remove directories.

mount/umount

Not Required

Required

Delphix dynamically mounts and unmounts directories under the provisioning directory during VDB operations. This privilege is required because mount and umount are typically reserved for superuser.

It is required to specify the NOPASSWD qualifier within the "sudo" configuration file, as shown here: Sudo File Configuration Examples for Db2 Environments. This ensures that the "sudo" command does not demand the entry of a password, even for the "display permissions" (i.e. "sudo -l") command.

Delphix issues "sudo -l" in some scripts to detect if the operating system user has the correct sudo privileges. If it is unable to execute this command, some actions may fail and Delphix will raise an alert suggesting it does not have the correct sudo permissions. Restricting the execution of "sudo -l" by setting “listpw=always” in the “/etc/sudoers” file when the Delphix operating system user is configured to use public key authentication will cause the Delphix operating system user to be prompted for a password which will fail certain Delphix actions. Use a less restrictive setting for listpw than "always" when the Delphix operating system user is using public-key authentication.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.