Hi, On Thu, Sep 01, 2022 at 07:15:42AM +0200, dulhaver via Ansible Project wrote: > the challenge I am facing is that the only way to do this manually > is via > > sudo systemctl edit --full postgresql@[db_service_name].service
If you can use sudo then can you not just do the equivalent of sudo cp /some/temp/file /etc/systemd/system/whatever.service ? How locked down exactly is your sudo access? I'd have thought that if you can issue "sudo systemctl edit" then you can easily cook up something that can give you arbitrary access, so this restriction seems like more of an "honour system", i.e. a determined attacker who realises they can do "sudo systemctl edit" will not be stopped. So on that basis maybe they will allow "sudo cat …" also. Cheers, Andy -- https://bitfolk.com/ -- No-nonsense VPS hosting -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/20220901115147.izxcl27hj7tal4l2%40bitfolk.com.
