MSSQL Linux Sudo Privileges for the environment OS User

Continuous Data Engine connects to the target host (via SSH) to majorly perform the following operations:  

  1. Continuous Data dynamically mounts and unmounts directories for linking and provisioning operations.This privilege is required because mount and unmount are typically reserved for superuser. 

  2. Continuous Data dynamically creates and removes directories for linking and provisioning operations. 

The operations (1) and (2) will require sudo privileges for the OS user.  

Configuring sudo access on target environments (as root user): 

  1. The sudo configuration exists in the /etc/sudoers file. The file can be edited directly or a utility called visudo can be used to add the privilege. 

    vi /etc/sudoers 
# Or 
visudo 

  2. Adding the privileges 

    Defaults:delphix_os !requiretty 
delphix_os ALL=NOPASSWD: /bin/mount,/bin/umount,/bin/mkdir,/bin/rmdir, /bin/ps 
The following examples are for illustrative purposes and the sudo file configuration options are subject to change. 

Requiretty settings 

Continuous Data requires that the requiretty setting be disabled for all Continuous Data users with sudo privileges. 

It is required to specify the NOPASSWD qualifier within the sudo configuration file. This ensures that the sudo command does not demand the entry of a password, even for the display permissions (i.e. "sudo -l") command. 

  • Additionally, Delphix OS user should be, 

  • Regular o/s user - e.g., delphix_os 

  • Add OS user to MSSQL OS group 

  • Must have access to backup files of the Source database stored on the staging host. 

  • Empty folder on host to hold delphix toolkit [approximate 2GB free space]

  • Empty folder on host to mount nfs filesystem. This is just an empty folder with no space requirements and acts as a base folder for NFS mounts. 

  • sudo privileges for mount and umount. See sample below assuming delphix_os is used as delphix user. 

  • If MSSQL service is installed using MSSQL user, Delphix OS user e.g., delphix_os must have privilege to run any command as MSSQL using sudo 

  • Ensure any login banners similar to the one in the image below must be disabled on the staging host. 

  • MSSQL binaries installed and configured: 

  • disable a auto start using OS services 

  • systemctl disable MSSQL-server.service 

  • systemctl stop MSSQL-server.service.
    MS SQL Linux requiretty settings