Only issue with that is when I asked a few months ago how to -ports@ how to
make the port edit sudoers the idea was universally shot down (then it was
to add it to do it for the default %WHEEL NOPASSWD entry and it was before
petitecloud was password protected [it is this criticism that lead to the
password protection in the first place)


On Wed, Jan 29, 2014 at 4:41 PM, Łukasz Wąsikowski <luk...@wasikowski.net>wrote:

> W dniu 2014-01-29 22:26, Aryeh Friedman pisze:
>
> > Cross post on purpose because people on -virtualization@ are likely more
> > familur with bhyve and it's requirements as well knowing what petitecloud
> > is and what it needs to do (the whole issue is without adding www to
> wheel
> > start/stop do not work from the webui)
>
> Use security/sudo, maybe with config similar to this this:
>
> Cmnd_Alias PETITECLOUD = /usr/sbin/service petitecloud stop,
> /usr/sbin/service petitecloud start, /usr/sbin/service petitecloud restart
> www ALL=(ALL) NOPASSWD: PETITECLOUD
>
> This way user www can run sudo /usr/sbin/service petitecloud
> (stop|start|restart) as root (and only those exact commands with those
> exact parameters). It's a "little" bit safer than your approach which is
> huge security hole.
>
> --
> best regards,
> Lukasz Wasikowski
>



-- 
Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org
_______________________________________________
freebsd-virtualization@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization
To unsubscribe, send any mail to 
"freebsd-virtualization-unsubscr...@freebsd.org"

Reply via email to