Hello,
We are restricting ssh access to our HS nodes using the firewalld.
Can Selinux create a conflict with firewald once enabled ( by commvault ) on the nodes ?
Thanks
Page 1 / 1
Hi @TNO
Selinux is for the Library data and should not have conflict with firewalld as it’s two different component. Root access would already be locked for HSX. Would you be accessing the nodes via iLO in future?
Regards,
Hi
Thank you for your reply.
We want to keep accessing it via ssh with root, as we are doing today, as well as from ILO once will be required.
I aware of the fact that while upgrading HSX from V2 to V3 the root access will be locked. That we will need to disable after the upgrade ( or if possible to skip it during the upgrade process ).
Thanks
Is there a reason you regularly need to access HSX using root?
Thanks,
Scott
Hi
it’s an internal requirement.
Any idea if it would be possible to skip the root access lock during the upgrade process ?
Thanks
I’m not sure if it can be skipped, but I assume you can just enable root access after the upgrade.
Thanks,
Scott
There is no way we can make an exception to permanently enable root, the firewalld change can be made and I believe would stick as described in step 5 in documentation.. Although allowing root permanently is not an option.
Root access can be controlled using the steps on our documentation,. This would control root login via SSH and iLO, this is not permanent and will auto disable root access after a period of time.
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.