Bug #1014: sudoers file does not support puppet 2.6+ for puppetca and puppetrun - Smart Proxy - Foreman

Actions

Copy link

Bug #1014

closed

sudoers file does not support puppet 2.6+ for puppetca and puppetrun

Added by Corey Osman over 13 years ago. Updated over 6 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Category:

Target version:

Bug scrub

Difficulty:

Triaged:

Bugzilla link:

Pull request:

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

The default permissions in the /etc/sudoers files that smart-proxy only supports puppetca and puppetrun. Since puppetca is depreciated in 2.6+ an additional binary will need to be added to the sudoers file. Puppet now uses puppet kick for puppetrun and puppet cert for puppetca.

current:


foreman ALL = NOPASSWD: /usr/sbin/puppetca
Defaults:foreman !requiretty
foreman ALL = NOPASSWD: /usr/bin/puppetrun

foreman-proxy ALL = NOPASSWD: /usr/sbin/puppetca
Defaults:foreman-proxy !requiretty

Support for both

foreman ALL = NOPASSWD: /usr/sbin/puppetca, /opt/puppet/bin/puppet, /usr/local/bin/puppet
Defaults:foreman !requiretty
foreman ALL = NOPASSWD: /usr/sbin/puppetrun, /opt/puppet/bin/puppet, /usr/local/bin/puppet

foreman-proxy ALL = NOPASSWD: /usr/sbin/puppetca, /opt/puppet/bin/puppet, /usr/local/bin/puppet
Defaults:foreman-proxy !requiretty

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Foreman » Smart Proxy

Custom queries

Bug #1014

sudoers file does not support puppet 2.6+ for puppetca and puppetrun

Updated by Greg Sutcliffe about 12 years ago