linux service account permissions

A question from a customer. They are integrating linux resources into SPP and are considering this KB: What sudo permissions are required on Linux/Unix assets in Safeguard? (4256268)

Nowhere is it mentioned that the service account needs to access /etc/shadow, but it can be seen that without being able to do that check the TestConnection failed. After assigning permission to access that path, the TestConnection succeeds.

They are asking why this is necessary and where they can find documentation about it to get all the details.

Thank you very much

0 Tawfiq.Ahmad 3 months ago

Did you try with adding in the privilege elevation command as sudo?

Privilege elevation command details can be found here:

https://docs.oneidentity.com/bundle/safeguard-for-privileged-passwords_administration-guide_8.0/page/guides/administrationguide/addasset-connection-password.htm

When adding an asset, Test Connection verifies that Safeguard for Privileged Passwords can log in to the asset using the service account credentials that you have provided.