diff options
| author | Joey Hess <joey@kitenet.net> | 2014-08-19 17:33:00 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2014-08-19 17:33:00 -0400 |
| commit | 7a34a1efbf9df3e964f203f0c782d4c50e6683c9 (patch) | |
| tree | 1e3f82965b26ff81249c04e82228013d03c2493a /doc/todo/ssh__95__user_+_sudo | |
| parent | 215a8e7f0e0943166e98611176b3b5290f31730b (diff) | |
merge from master
Diffstat (limited to 'doc/todo/ssh__95__user_+_sudo')
3 files changed, 28 insertions, 0 deletions
diff --git a/doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment b/doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment new file mode 100644 index 00000000..e0dc1d7f --- /dev/null +++ b/doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment @@ -0,0 +1,10 @@ +[[!comment format=mdwn + username="http://joeyh.name/" + ip="209.250.56.214" + subject="comment 1" + date="2014-04-21T13:31:13Z" + content=""" +Running propellor that way would probably need ssh to allocate a tty in order for sudo's password prompt to work. And it adds complexity. Does it add security? I don't think so, PermitRootLogin=without-password or PasswordAuthentication=no is not going to let anyone brute force the root account. + +PermitRootLogin=forced-commands-only might be worth making easy to set up, so the only command that can be run with some special propellor-specific ssh key is propellor. +"""]] diff --git a/doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment b/doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment new file mode 100644 index 00000000..8dc6299b --- /dev/null +++ b/doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment @@ -0,0 +1,8 @@ +[[!comment format=mdwn + username="gueux" + ip="109.190.19.251" + subject="comment 2" + date="2014-04-21T13:54:39Z" + content=""" +I didn't knew \"PermitRootLogin=forced-commands-only\", it seems great! +"""]] diff --git a/doc/todo/ssh__95__user_+_sudo/comment_3_d1e4040677b39342be00359210c02156._comment b/doc/todo/ssh__95__user_+_sudo/comment_3_d1e4040677b39342be00359210c02156._comment new file mode 100644 index 00000000..506b543a --- /dev/null +++ b/doc/todo/ssh__95__user_+_sudo/comment_3_d1e4040677b39342be00359210c02156._comment @@ -0,0 +1,10 @@ +[[!comment format=mdwn + username="http://joeyh.name/" + ip="209.250.56.114" + subject="comment 3" + date="2014-04-24T22:17:31Z" + content=""" +Except that it led you to run into the failure mode described at [[forum/remote.origin_not_copied_to_managed_host?]] + +So now we have a concrete change to make: Make /usr/bin/propellor work if it's forced as the only command that can be run. Including making propellor's host bootstrapping work via it. +"""]] |