Hi all, I am working on writing some Ansible playbooks to manage my SmartOS deployment. I'm using Illumos/SmartOS's support for RBAC instead of sudo/su, but I'm running into some issues with it.
Basically I just need to run pfexec before each command so it executes with my user's profiles (privileges). I was hoping ANSIBLE_SUDO_EXE or even ANSIBLE_EXECUTABLE would help, but unfortunately pfexec does not accept the same (immutable) flags as sudo, and setting ANSIBLE_EXECUTABLE to pfbash (basically like doing pfexec /bin/bash) causes PUTs to fail on the SSH level for some reason. Adding pfexec support to Ansible seems like it would be a lot of work for not much gain, so I was considering writing a wrapper to pfexec to translate the sudo flags to pfexec flags. Has anyone else run into this or have any ideas on how to solve this better? Thanks, Preston -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/c6765c13-1ad1-466b-99f9-b40a3a41e397%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
