Project

General

Profile

Actions
Copy link

Refactor #36767

closed

use runuser instead of su to run rake as the foreman user

Added by Evgeni Golov 8 months ago. Updated 8 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Evgeni Golov
Category:
Rails
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
https://github.com/theforeman/foreman/pull/9839
Fixed in Releases:
3.9.0
Found in Releases:
Red Hat JIRA:

Description

foreman-rake is designed to be run as root (and switch to foreman) or by foreman directly. any other user can't use it as it is installed in sbin and the foreman user has no password set, making switching users as non root impossible, but su will still try it:

    [nobody@foreman /]$ su foreman -s /bin/bash -c id
    Password:
    [nobody@foreman /]$ foreman-rake console
    Password:

runuser is designed to be used in scripts and refuses to work as non root:

    [nobody@foreman /]$ runuser foreman -s /bin/bash -c id
    runuser: may not be used by non-root users
    [nobody@foreman /]$ foreman-rake console
    runuser: may not be used by non-root users
Actions
Copy link
 #1

Updated by The Foreman Bot 8 months ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/9839 added
Actions
Copy link
 #2

Updated by The Foreman Bot 8 months ago

  • Fixed in Releases 3.9.0 added
Actions
Copy link
 #3

Updated by Evgeni Golov 8 months ago

  • Status changed from Ready For Testing to Closed
Actions
Copy link

Also available in: Atom PDF