Project

General

Profile

Actions
Copy link

Feature #30188

closed

Provide the ability to use su as the effective method with password

Added by Suraj Patil almost 5 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Suraj Patil
Category:
-
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
1677180
Pull request:
https://github.com/theforeman/foreman_remote_execution/pull/508
Fixed in Releases:
foreman_remote_execution 4.0.0, foreman_remote_execution_core 1.4.0
Found in Releases:
Red Hat JIRA:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1677180

Business Case
Due to an unspecified security compliance being in use, it is required to have disabled sudo for all accounts, to not allow the root account to SSH into the remote machine and switching to root account must require the user to supply the root password. Usage of dzdo is not suitable either. Therefore, in this case it is necessary to use su as the effective user method, but with password. This is currently not possible due to su being available only as passwordless option.

Technical Requirements:
Providing a new parameter to specify su password, similar to the already present "Sudo password" in settings (or "ansible_sudo_pass" in case of Ansible jobs)

Additional information:
This concerns primarily "Run Commands - SSH Default" and "Run Commands - Ansible Default" templates.

Related issues 1 (0 open1 closed)

Related to Ansible - Bug #30384: Change ansible secrets from 'sudo_password' and 'ssh_password' to 'effective_user_password'ClosedSuraj PatilActions
Actions
Copy link

Also available in: Atom PDF