Set sendmail location and arguments via puppet/installer
We have a setting to set sendmail location/arguments in the UI/CLI/API however this brought some issues with security:
As a better long term solution, it would be great to set both settings in settings.yaml via puppet, they automatically override UI and there is a warning info icon informing users that the setting is read only and editable only via settings.yaml.
Fixes #32827 - Add sendmail config options
As part of CVE-2021-3584 the option email_sendmail_location was limited
to just 4 choices. This allows admins to set it via settings.yaml. The
idea is that if you can edit settings.yaml, you're already compromised
while UI could be less protected.
When a setting is present in settings.yaml, the option becomes read-only
in the UI.
If the options are not set, they don't show up in settings.yaml.
#9 Updated by Ewoud Kohl van Wijngaarden 3 months ago
- Status changed from Ready For Testing to Closed
Applied in changeset puppet-foreman|6c902a4f1f484137ebccafe4d3390881fd0b3d61.