Bug #1014
sudoers file does not support puppet 2.6+ for puppetca and puppetrun
| Status: | Closed | Start: | 06/29/2011 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assigned to: | - | % Done: | 100% |
|
| Category: | - | |||
| Target version: | Foreman - Bug scrub | |||
| Backlog: | No | Difficulity: | ||
| Votes: | 0 |
Description
The default permissions in the /etc/sudoers files that smart-proxy only supports puppetca and puppetrun. Since puppetca is depreciated in 2.6+ an additional binary will need to be added to the sudoers file. Puppet now uses puppet kick for puppetrun and puppet cert for puppetca.
current:
foreman ALL = NOPASSWD: /usr/sbin/puppetca Defaults:foreman !requiretty foreman ALL = NOPASSWD: /usr/bin/puppetrun foreman-proxy ALL = NOPASSWD: /usr/sbin/puppetca Defaults:foreman-proxy !requiretty
Support for both
foreman ALL = NOPASSWD: /usr/sbin/puppetca, /opt/puppet/bin/puppet, /usr/local/bin/puppet Defaults:foreman !requiretty foreman ALL = NOPASSWD: /usr/sbin/puppetrun, /opt/puppet/bin/puppet, /usr/local/bin/puppet foreman-proxy ALL = NOPASSWD: /usr/sbin/puppetca, /opt/puppet/bin/puppet, /usr/local/bin/puppet Defaults:foreman-proxy !requiretty
History
Updated by Greg Sutcliffe 6 months ago
- Status changed from New to Closed
- Target version set to Bug scrub
- % Done changed from 0 to 100
The installer should now add correct sudo permissions for the version of puppet running it. Closing.
