Project

General

Profile

Actions
Copy link

Bug #1014

closed

sudoers file does not support puppet 2.6+ for puppetca and puppetrun

Added by Corey Osman almost 13 years ago. Updated almost 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Bug scrub
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

The default permissions in the /etc/sudoers files that smart-proxy only supports puppetca and puppetrun. Since puppetca is depreciated in 2.6+ an additional binary will need to be added to the sudoers file. Puppet now uses puppet kick for puppetrun and puppet cert for puppetca.

current:


foreman ALL = NOPASSWD: /usr/sbin/puppetca
Defaults:foreman !requiretty
foreman ALL = NOPASSWD: /usr/bin/puppetrun

foreman-proxy ALL = NOPASSWD: /usr/sbin/puppetca
Defaults:foreman-proxy !requiretty

Support for both

foreman ALL = NOPASSWD: /usr/sbin/puppetca, /opt/puppet/bin/puppet, /usr/local/bin/puppet
Defaults:foreman !requiretty
foreman ALL = NOPASSWD: /usr/sbin/puppetrun, /opt/puppet/bin/puppet, /usr/local/bin/puppet

foreman-proxy ALL = NOPASSWD: /usr/sbin/puppetca, /opt/puppet/bin/puppet, /usr/local/bin/puppet
Defaults:foreman-proxy !requiretty

Actions
Copy link
 #1

Updated by Greg Sutcliffe over 11 years ago

  • Status changed from New to Closed
  • Target version set to Bug scrub
  • % Done changed from 0 to 100

The installer should now add correct sudo permissions for the version of puppet running it. Closing.

Actions
Copy link

Also available in: Atom PDF