Show Table of Contents
8.4. Remote Commands
With UNIX support, RHN offers the flexibility of issuing remote commands on client systems through the Satellite's RHN website. This feature allows you to run virtually any (compatible) application or script on any system in your domain without ever having to open a terminal.
8.4.1. Enabling Commands
With the flexibility this tool offers comes great risk and the responsibility to mitigate that risk. For all practical purposes, this feature grants a root BASH prompt to anyone with administrative access to the system on the website.
This can be controlled, however, through the same config-enable mechanism used to determine which systems can have their configuration files managed by Red Hat Network. Refer to Section 220.127.116.11.3, “System Details ⇒ Configuration — ” for details.
In short, you must create a directory and file on the UNIX system that tell RHN it is acceptable to run remote commands on the machine. The directory must be named
script, the file must be named
run, and both must be located in the
/etc/sysconfig/rhn/allowed-actions/directory specific to your UNIX variant.
For instance, in Solaris, issue this command to create the directory:
mkdir -p /opt/redhat/rhn/solaris/etc/sysconfig/rhn/allowed-actions/script
To create the requisite file in Solaris, issue this command: