[Piuparts-devel] the "piuparts" group (as in getent group)
Holger Levsen
holger at layer-acht.org
Mon May 13 15:10:37 UTC 2013
Hi Andreas,
On Montag, 13. Mai 2013, Andreas Beckmann wrote:
> That's primarily interesting for master, does it run with an appropriate
> umask?
no, umask is 0022, not 0002
> Or does a piuparts admin still need to
> sudo -u piuparts-master $SHELL
well, for what?
> > why do you see a
> > problem there?
>
> I'm a bit concerned about running an unprivileged service
> (piuparts-master) with (indirect) access to sudo via the group ...
> For slave it's a bit moot since this needs nearly full sudo power anyway
piupartsm cannot use sudo for anything. piupartss can use sudo for everything,
but only on the slave.
cheers,
Holger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 828 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/piuparts-devel/attachments/20130513/df14b2a3/attachment.pgp>
More information about the Piuparts-devel
mailing list