cgi runs with the user which runs the web server, so for example if you use apache, give sudo rights to apache account to execute puppetca.
Ohad On 7/6/09, Allan Marcus <al...@lanl.gov> wrote: > > How does the cgi script execute a sudo? > > --- > Thanks, > > Allan Marcus > 505-667-5666 > > > > On Jul 3, 2009, at 11:10 PM, Ohad Levy wrote: > >> here you go, its fetched from a much bigger website, so I didnt >> really test it, but worth a shot :) >> >> http://gist.github.com/140457 >> >> cheers, >> Ohad >> >> On Fri, Jul 3, 2009 at 9:12 PM, Gary Larizza <glari...@mac.com> wrote: >> >> I love where this thread is going, I too share in this problem. >> >> Kurt: Puppet is still being run on the client because the client is >> using a cached config (am I right on this guys?). >> >> I love the scripted ssh key, but ALSO love the PHP script that could >> be CURL-ed from the client. Will a PHP script be able to capture the >> hostname of a connecting client? From there, the php script could >> call puppetca to clean the cert and create a new one...would this be >> cleaner than bundling a cert with your base-image? Unfortunately, I'm >> not that versed in PHP to hash a script out from scratch. Does anyone >> have a rough outline that we could steal? >> >> -Gary >> >> >> >> > > > > > > -- Sent from my mobile device --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
