Local provider - isolating sudo usage
Andrew Wilkins
andrew.wilkins at canonical.com
Fri Jan 24 01:14:28 UTC 2014
The core local provider changes have been merged now. For a summary of how
the local provider bootstraps now, see:
https://codereview.appspot.com/55880043/
I removed this bits that chown to the user from the local provider. I
can't, unfortunately, easily remove the only other remaining part: chowning
the ~/.juju/ssh dir and keys. Suggestions welcome.
Cheers,
Andrew
On Fri, Jan 24, 2014 at 4:34 AM, roger peppe <roger.peppe at canonical.com>wrote:
> Thank you! Let's get rid of every chown in the code base.
>
> On 22 January 2014 23:12, Andrew Wilkins <andrew.wilkins at canonical.com>
> wrote:
> > Hi folks,
> >
> > I'm working on changing the local provider so that sudo is not needed
> from
> > outside Juju; "juju bootstrap" and "juju destroy-environment" will
> prompt as
> > necessary.
> >
> > I would like to also prevent Juju from allowing the user to run with sudo
> > from the outside. This will allow us to remove all of the code pathways
> that
> > change ownership to the sudo caller, and avoid future breakages.
> >
> > Does anyone have any strong reasons for not doing this?
> >
> > Cheers,
> > Andrew
> >
> > --
> > Juju-dev mailing list
> > Juju-dev at lists.ubuntu.com
> > Modify settings or unsubscribe at:
> > https://lists.ubuntu.com/mailman/listinfo/juju-dev
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/juju-dev/attachments/20140124/6555aeae/attachment.html>
More information about the Juju-dev
mailing list