Privileged commands for Discovery

To discover certain information on a host server, Discovery must run SSH commands with higher privilege.

An example of information that requires elevated privileges is information about storage disks on a host server, retrieved with the fdisk -l command. If your system cannot use sudo commands, you must configure the hosts in your network to use one of the other privileged commands.

For a list of possible SSH commands requiring root privileges, see UNIX and Linux commands requiring root privileges for Discovery and Orchestration.

Note: You can have different privileged commands set up for different hosts. However, Discovery supports only one privileged command per host.
Table 1. SSH privileged escalation command requirements
Command Description
sudo
  • Host must support the sudo -S -p <password> command and return the correct list of allowed SSH commands.
  • Credentials provided for Discovery must be able to run the command sudo -S -p <password> <commands>.
pbrun
  • Host must support the pbrun -v command and return the correct version of PowerBroker.
  • Credentials provided for Discovery must be able to run pbrun <commands>.
  • Discovery does not support any other pbrun - options, such as a password prompt.
pfexec
  • Host must support the pfexec id -a command and return the correct ID.
  • Credentials provided for Discovery must be able to run pfexec <commands>.
  • Discovery does not support any other pfexec - options, such as a password prompt.
dzdo
  • Host must support the command –v dzdo command and return the path to dzdo in standard output.
  • Credentials provided for Discovery must be able to run dzdo <commands>.
  • Discovery does not support any other dzdo – options, but Discovery supports password authentication for dzdo.