When Cisco first announced the Unified Communication Server (CallManager) would be based on Linux, my first question was “How much of the system would be available to users?”

I think it is great that Cisco does not require Engineers to understand the underlying system CallManager is built on, but some of us are curious. This tutorial will show you how to create a user on a CUCM 5/6 server with shell access and root privileges.

WARNING: This should not be performed on a Production System! I am not responsible for any destruction to production systems.

  1. Boot the CUCM server with CentOS 5.1 Disk1
  2. Type ‘linux rescue’ at the boot: prompt
  3. Use the chroot command to change the root to the CUCM partition


    Type 'chroot /mnt/sysimage'

  4. Backup the /etc/passwd, /etc/group, /etc/shadow and /etc/gshadow files


    cp -a /etc/passwd /etc/passwd.bak
    cp -a /etc/group /etc/group.bak
    cp -a /etc/shadow /etc/shadow.bak
    cp -a /etc/gshadow /etc/gshadow.bak

  5. These files are protected by the ext2 immutable flag. Check to see if the immutable flag is set. If the immutable flag is set, you will see an ‘i’.


    lsattr /etc/passwd /etc/group /etc/shadow /etc/gshadow

  6. Remove the immutable flag


    chattr -i /etc/passwd /etc/group /etc/shadow /etc/gshadow

  7. Add a new user and set a password


    useradd username
    passwd username

  8. Add the immutable flag


    chattr +i /etc/passwd /etc/group /etc/shadow /etc/gshadow

  9. Add the new user to the /etc/sudoers file and give root privileges.


    vi /etc/sudoers

    Add the following line to the file to give the new user root privileges.


    username All=(ALL) ALL

  10. Exit Linux rescue mode
  11. Login with the new account
  12. Test various root level linux commands with ‘sudo’ prefix, take a look at the filesystem and play around
  13.  

    watch video

     

    Be Sociable, Share!