best way to add www to wheel
Aryeh Friedman
aryeh.friedman at gmail.com
Wed Jan 29 22:05:59 UTC 2014
Only issue with that is when I asked a few months ago how to -ports@ how to
make the port edit sudoers the idea was universally shot down (then it was
to add it to do it for the default %WHEEL NOPASSWD entry and it was before
petitecloud was password protected [it is this criticism that lead to the
password protection in the first place)
On Wed, Jan 29, 2014 at 4:41 PM, Łukasz Wąsikowski <lukasz at wasikowski.net>wrote:
> W dniu 2014-01-29 22:26, Aryeh Friedman pisze:
>
> > Cross post on purpose because people on -virtualization@ are likely more
> > familur with bhyve and it's requirements as well knowing what petitecloud
> > is and what it needs to do (the whole issue is without adding www to
> wheel
> > start/stop do not work from the webui)
>
> Use security/sudo, maybe with config similar to this this:
>
> Cmnd_Alias PETITECLOUD = /usr/sbin/service petitecloud stop,
> /usr/sbin/service petitecloud start, /usr/sbin/service petitecloud restart
> www ALL=(ALL) NOPASSWD: PETITECLOUD
>
> This way user www can run sudo /usr/sbin/service petitecloud
> (stop|start|restart) as root (and only those exact commands with those
> exact parameters). It's a "little" bit safer than your approach which is
> huge security hole.
>
> --
> best regards,
> Lukasz Wasikowski
>
--
Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org
More information about the freebsd-virtualization
mailing list