From 854eb3de54a5b6d75dac449b9880140d257be8e1 Mon Sep 17 00:00:00 2001 From: Suzana Fernandes Date: Wed, 13 Nov 2024 18:36:57 +0000 Subject: [PATCH] Update for collect tool enhancement to support any LDAP or WAD user account Change-Id: I94709d5b1db72121c27dcc60725dbf58de21b490 Signed-off-by: Suzana Fernandes --- .../kubernetes/troubleshooting-log-collection.rst | 7 ++++++- .../introduction-to-user-management-6c0b13c6d325.rst | 7 +++++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/doc/source/fault-mgmt/kubernetes/troubleshooting-log-collection.rst b/doc/source/fault-mgmt/kubernetes/troubleshooting-log-collection.rst index e2a8bb605..6797741c4 100644 --- a/doc/source/fault-mgmt/kubernetes/troubleshooting-log-collection.rst +++ b/doc/source/fault-mgmt/kubernetes/troubleshooting-log-collection.rst @@ -20,9 +20,14 @@ Collect Tool Caveats and Usage .. _troubleshooting-log-collection-ul-dpj-bxp-jdb: -- Log in as **sysadmin**, NOT as root, on the active controller and use the +- Log in via SSH or local console on the active controller and use the :command:`collect` command. + .. note:: + The user must have sudo capability and be in the ``sys_protected`` group + to use the ``collect`` tool. + + - All usage options can be found by using the following command: .. code-block:: none diff --git a/doc/source/security/kubernetes/introduction-to-user-management-6c0b13c6d325.rst b/doc/source/security/kubernetes/introduction-to-user-management-6c0b13c6d325.rst index c7058dba3..b73c4411e 100644 --- a/doc/source/security/kubernetes/introduction-to-user-management-6c0b13c6d325.rst +++ b/doc/source/security/kubernetes/introduction-to-user-management-6c0b13c6d325.rst @@ -138,8 +138,11 @@ User Account Types - **sudo group** - provides sudo all capabilities. - - **sys_protected group** - provides access to 'collect' - tool for collecting system diagnostic info. + - **sys_protected group** - provides access to ``collect`` tool + for collecting system diagnostic info. + + .. note:: + The ``collect`` tool also requires sudo capability. - **root group** - provides read access to log files.