Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Dynatrace Community
- Open Q&A
- Using Dynatrace
- Dynatrace Open Q&A
- Re: privileges dynatrace OS user (redhat) Problem with installation
Options
- Mark Topic as New
- Mark Topic as Read
- Pin this Topic for Current User
- Printer Friendly Page
Hi all!
Can you tell me what OS user privileges need to user dynatrace:dynatrace by default.
Insufficient system privileges on SERVER at location
's' (id=1)Dynatrace is not able to gain elevated privileges.
This means that the automatic upgrades and adding/removing nodes to cluster
will not work. Check if the executable /opt/dtrun/dtrun has the root privileges granted
User was created manually by administrators... I think, automatic user creation dynatrace:dynatrace not passed in this case.
What flags and privileges i need to add to user dynatrace:dynatrace to have ability automatic update and e.t.c.
Regards,
Alexander
Solved! Go to Solution.
Labels:
- Labels:
-
dynatrace managed
-
installation
-
oneagent
12 REPLIES 12
Hi,
Your dynatrace user needs to be able to use sudo (or similar) to run these commands without asking password:
sudo /opt/dtrun/dtrun
sudo systemctl ...
You can specify this in the file /etc/sudoers, or request this to the server administrators.
If you don't have sudo available because customer use another tool, you have to check the documentation (What if my company uses a privilege management system other than sudo?😞
https://www.dynatrace.com/support/help/installatio...
You have to request the privileges listed above and pass a special parameter to the dynatrace installer, like: /bin/sh dynatrace-managed-installer.sh ..... --sudo-cmd "/usr/bin/pbrun \$CMD"
The installer does a check on the sudo replacement you specified, and aborts if the checks fails.
In my case, customer used centrify (utility dzdo instead of sudo). Additionally to the above, I had to force that the dynatrace services start AFTER centrify service.
Regards,
Antonio V.
i have this output from /etc/passwd
dynatrace:x:1000:1000::/home/dynatrace:/bin/bash
I know that customer uses "sudo" on server....
User dynatrace include in sudoers group and can sudo command. I have no idea why it not working.
Hi,
Ok the user exists. Now, you have to request the instruction in the sudoers file where the dynatrace user is being granted to run the commands without asking password. See my last post about how to do it. You can test it yourself, try:
sudo systemctl -a
If this command requests a password, it is not configured properly. Use this as a evidence that the configuration is not correct. The line in the sudoers file should start like this:
dynatrace ALL=(ALL) NOPASSWD:/bin/systemctl, /opt/dtrun/dtrun
Regards,
Antonio V.
Ok, thanks, i will try it tommorow and tell you about results.
Thank you for help.
regards,
Alexander
Hi Antonio.
I have a same problem, but i need exactly what lines the sysadmin must add...
Can you help me?
Thanks in advance
Hi,
The following is how to do it for sudo:
1.- Log in as root
2.- Specify vi as the editor to use
export EDITOR=vi
3.- Edit file /etc/sudoers. To do this you use the utility visudo, which calls the editor and checks/parse that the sintax is correct.
visudo
3.- Add this to the end of the file to allow one specific user to run a list of commands without asking password:
dynatrace ALL=(ALL) NOPASSWD:/bin/systemctl, /opt/dtrun/dtrun
where dynatrace is the service account that you are going to use to install dynatrace managed. That user should exists before running visudo.
4.- The way to test this is: log in as the user dynatrace, and run
sudo /opt/dtrun/dtrun /bin/ls /tmp
It should not prompt for a password and it should run as root the command "/bin/ls /tmp".
I think that should do the trick.
Kind regards,
Antonio V.
As you mentioned to test this, I need to login as the user dynatrace, however do you know what is the password for login into account 'dynatrace'? Since this user is created during installation.
Hi,
No idea. I had root access, so a simple "su - dynatrace" will log you in as that user.
Regards,
A.
Thanks a lot Antonio, i will try and let you know! one shot more... do the user must have password or shell?
Hi,
Yes, at least for the installation, it should have both: password and a shell (usually bash).
Regards,
Antonio V.
Antonio, amazing! the user worked successfully! Thanks for your support!
Hi Emiliano,
Good news! You welcome.
Antonio V.
Related content
- One ActiveGate with multiple AWS Accounts in Cloud platforms
- Dynatrace for ECS Fargate shows only one task at same time in Cloud platforms
- Application Detection Rule in Dynatrace Open Q&A
- Dynatrace one agent(Linux) installation failed in Dynatrace Open Q&A
- Installing easyTravel App in Dynatrace Open Q&A
