Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support privilege escalation on remote operations #35

Open
ricrodriguezg opened this issue Jan 28, 2021 · 0 comments
Open

Support privilege escalation on remote operations #35

ricrodriguezg opened this issue Jan 28, 2021 · 0 comments
Labels
enhancement New feature or request

Comments

@ricrodriguezg
Copy link
Contributor

BUSINESS PROBLEM

Currently the role only supports copying cert files to remote hosts using either the root user (not a good security practice) to write those files to any directory on the file system or using another user and only being able to copy the files on the user's owned locations. Since the user running the playbook should be only used to access the machines and then use privilege escalation to execute tasks like writing to /etc/ssl, a solution is needed that accepts a privilege escalation parameter.

PROPOSED SOLUTION

Optionally allow a privilege escalation parameter like "become" to be specified in the role configuration and, if specified, use it to escalate privileges using a method like "sudo" to write on other locations rather than the user's home directory or /tmp.

CURRENT ALTERNATIVES

Copying the local files to the remote location with a task defined on the playbook
@tr1ck3r tr1ck3r added the enhancement New feature or request label Mar 5, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tr1ck3r @ricrodriguezg