Is it possible to remove sudo permission from SSH account?
Is the SSH user still needed other than to perform manual troubleshooting, can we delete this user?
Once the installation is completed, Could we remove sudo permission from SSH account?
CloudBees Jenkins Enterprise (CJE) - AWS/OpenStack/Anywhere
The SSH user who is used for certain cluster operation such as cluster-init, worker-add, worker-restart, pse-support, …needs sudo permissions because they access to configuration/logs files which requires from that privileges
These are the commands performed with sudo by the SSH user:
COMMAND=/bin/cat COMMAND=/bin/chmod COMMAND=/bin/cp COMMAND=/bin/docker COMMAND=/bin/firewall-cmd COMMAND=/bin/id COMMAND=/bin/install COMMAND=/bin/mkdir COMMAND=/bin/mount COMMAND=/bin/nmcli COMMAND=/bin/rm COMMAND=/bin/rmdir COMMAND=/bin/sed COMMAND=/bin/sh COMMAND=/bin/su COMMAND=/bin/sudo COMMAND=/bin/systemctl COMMAND=/bin/tee COMMAND=/bin/touch COMMAND=/bin/umount COMMAND=/bin/yum COMMAND=/etc/init.d/topbeat COMMAND=/home/packer/dna-config/configure-docker COMMAND=/home/packer/dna-config/configure-http-proxy COMMAND=/sbin/useradd