Hi all, I am working on writing some Ansible playbooks to manage my SmartOS deployment. I'm using Illumos/SmartOS's support for RBAC instead of sudo/su, but I'm running into some issues with it.
Basically I just need to run pfexec before each command so it executes with my user's profiles (privileges). I was hoping ANSIBLE_SUDO_EXE or even ANSIBLE_EXECUTABLE would help, but unfortunately pfexec does not accept the same (immutable) flags as sudo, and setting ANSIBLE_EXECUTABLE to pfbash (basically like doing pfexec /bin/bash) causes PUTs to fail on the SSH level for some reason. Adding pfexec support to Ansible seems like it would be a lot of work for not much gain, so I was considering writing a wrapper to pfexec to translate the sudo flags to pfexec flags. Has anyone else run into this or have any ideas on how to solve this better? Thanks, Preston -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/c6765c13-1ad1-466b-99f9-b40a3a41e397%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
