Hello all! I'm trying to establish some access control when non-administrative user were running playbooks with Ansible.
All the sudo rules are inherited from FreeIPA and now my only option is to create a sudo rule that enables **ALL** commands to an specific user to run some playbook on some host. This is, definitely, not the best practice, as with the same user could login into the host and execute any other command, and not **ONLY** those on my playbook on the master branch of my Git server. I'm sure that there is some another more elegant and secure way to grant some temporary administrative privileges on hosts to some user. Maybe working with the new ipa_sudorule or something? Do you guys have some example to introduce me? []s, Rodrigo B Brasil -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CACTtCsH9_9T592kJQD-pSFTAMPV3gyuF1Ksexk-Z8cS8QqAGSQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
