ok, makes sense. If I did this, would I need the -S in the sudo command? --- Thanks,
Allan Marcus 505-667-5666 On Jul 6, 2009, at 8:41 AM, Ohad Levy wrote: > > cgi runs with the user which runs the web server, so for example if > you use apache, give sudo rights to apache account to execute > puppetca. > > Ohad > > On 7/6/09, Allan Marcus <al...@lanl.gov> wrote: >> >> How does the cgi script execute a sudo? >> >> --- >> Thanks, >> >> Allan Marcus >> 505-667-5666 >> >> >> >> On Jul 3, 2009, at 11:10 PM, Ohad Levy wrote: >> >>> here you go, its fetched from a much bigger website, so I didnt >>> really test it, but worth a shot :) >>> >>> http://gist.github.com/140457 >>> >>> cheers, >>> Ohad >>> >>> On Fri, Jul 3, 2009 at 9:12 PM, Gary Larizza <glari...@mac.com> >>> wrote: >>> >>> I love where this thread is going, I too share in this problem. >>> >>> Kurt: Puppet is still being run on the client because the client is >>> using a cached config (am I right on this guys?). >>> >>> I love the scripted ssh key, but ALSO love the PHP script that could >>> be CURL-ed from the client. Will a PHP script be able to capture >>> the >>> hostname of a connecting client? From there, the php script could >>> call puppetca to clean the cert and create a new one...would this be >>> cleaner than bundling a cert with your base-image? Unfortunately, >>> I'm >>> not that versed in PHP to hash a script out from scratch. Does >>> anyone >>> have a rough outline that we could steal? >>> >>> -Gary >>> >>> >>> >>>> >> >> >>> >> > > -- > Sent from my mobile device > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
