Explanation of the Sentinel /etc/sudoers setting

  • 7025005
  • 09-Feb-2021
  • 11-Feb-2021

Environment

Sentinel 7.3, 7.4

Sentinel 8.2.x, 8.3, and 8.4

Situation

The /etc/sudoers file on the Sentinel server is configured as follows:
novell ALL = NOPASSWD: /bin/mount, /bin/umount
novell ALL = NOPASSWD: /bin/mount, /bin/umount # sentinel_7_mount_configuration
Defaults:novell !requiretty # sentinel_7_tty_configuration

The parameter "NOPASSWD" might look like a security concern. However, as you can see, it applies only to the mount and umount commands, which are required for the indexing process.


The normal behavior of the sudo command, which uses the sudoers definitions to validate the execution, is to ask for the password of the user invoking sudo or of root, depending on the sudoers configuration.

The NOPASSWD option tells sudo that it does not have to ask the user for the corresponding password.

Resolution

For Sentinel, the rule in sudoers dictates only the following:

The user novell, on any server (novell ALL =), without needing to type a password (NOPASSWD:), can execute the commands mount and umount, and ONLY these commands, as the root user.
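To confirm that a server still matches this rule, the following added example (not part of the original article or of Sentinel) parses sudoers text and reports which commands the novell user can run without a password. The parser is a simplified assumption that ignores aliases, include files and line continuations, and DRIFTED_CONFIG is a constructed sample.

```python
import re

# Passwordless commands the article says Sentinel needs for user novell.
EXPECTED = {"/bin/mount", "/bin/umount"}

# Simplified user spec: "<user> <hosts> = [(runas)] [TAG:] cmd, [TAG:] cmd".
# Assumptions: no aliases, no line continuations, no include files, and no
# commas inside a Runas list or command arguments.
SPEC = re.compile(r"^(?P<user>\S+)\s+(?P<hosts>[^=]+?)\s*=\s*(?P<rest>.+)$")
ITEM = re.compile(r"^(?:\([^)]*\)\s*)?(?P<tags>(?:[A-Z_]+:\s*)*)(?P<cmd>.*)$")

# The three entries shown in the article.
PAGE_CONFIG = """\
novell ALL = NOPASSWD: /bin/mount, /bin/umount
novell ALL = NOPASSWD: /bin/mount, /bin/umount # sentinel_7_mount_configuration
Defaults:novell !requiretty # sentinel_7_tty_configuration
"""
# Constructed sample of a rule that is broader than the article describes.
DRIFTED_CONFIG = "novell ALL = NOPASSWD: ALL\n"


def nopasswd_commands(sudoers_text, user):
    """Return the commands `user` may run through sudo without a password."""
    found = set()
    for raw in sudoers_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        spec = SPEC.match(line)
        if line.startswith("Defaults") or not spec or spec["user"] != user:
            continue
        nopasswd = False  # a tag applies to the commands that follow it
        for item in spec["rest"].split(","):
            parsed = ITEM.match(item.strip())
            for tag in re.findall(r"[A-Z_]+(?=:)", parsed["tags"]):
                if tag in ("NOPASSWD", "PASSWD"):
                    nopasswd = tag == "NOPASSWD"
            if nopasswd and parsed["cmd"]:
                found.add(parsed["cmd"].strip())
    return found


def audit(sudoers_text, user="novell"):
    """Return (missing, unexpected) command sets relative to EXPECTED."""
    granted = nopasswd_commands(sudoers_text, user)
    missing = set() if "ALL" in granted else EXPECTED - granted
    return missing, granted - EXPECTED


if __name__ == "__main__":
    for name, text in (("article", PAGE_CONFIG), ("drifted", DRIFTED_CONFIG)):
        print(name, audit(text))
```

An empty "unexpected" set means the passwordless grant is limited to mount and umount as described above; a non-empty "missing" set means the entry Sentinel needs is absent.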



Cause

This configuration is needed because Sentinel uses the squash file system for the event data partitions. When you execute a search, Sentinel needs the mount and umount commands to mount and unmount these event data partitions on the file system so that it can search your data.


If this configuration is not in place, the indexing of event data will be impacted.