When Cisco first announced the Unified Communication Server (CallManager) would be based on Linux, my first question was “How much of the system would be available to users?”
I think it is great that Cisco does not require Engineers to understand the underlying system CallManager is built on, but some of us are curious. This tutorial will show you how to create a user on a CUCM 5/6 server with shell access and root privileges.
WARNING: This should not be performed on a Production System! I am not responsible for any destruction to production systems.
- Boot the CUCM server with CentOS 5.1 Disk1
- Type ‘linux rescue’ at the boot: prompt
- Use the chroot command to change the root to the CUCM partition
Type 'chroot /mnt/sysimage'
- Backup the /etc/passwd, /etc/group, /etc/shadow and /etc/gshadow files
cp -a /etc/passwd /etc/passwd.bak
cp -a /etc/group /etc/group.bak
cp -a /etc/shadow /etc/shadow.bak
cp -a /etc/gshadow /etc/gshadow.bak
- These files are protected by the ext2 immutable flag. Check to see if the immutable flag is set. If the immutable flag is set, you will see an ‘i’.
lsattr /etc/passwd /etc/group /etc/shadow /etc/gshadow
- Remove the immutable flag
chattr -i /etc/passwd /etc/group /etc/shadow /etc/gshadow
- Add a new user and set a password
- Add the immutable flag
chattr +i /etc/passwd /etc/group /etc/shadow /etc/gshadow
- Add the new user to the /etc/sudoers file and give root privileges.
Add the following line to the file to give the new user root privileges.
username All=(ALL) ALL
- Exit Linux rescue mode
- Login with the new account
- Test various root level linux commands with ’sudo’ prefix, take a look at the filesystem and play around