I've been working to rewrite and extend the script that we've been using to control playbook execution for folks who are not in sysadmin-main.
https://bitbucket.org/tflink/rbac-ansible I've been testing the script but before we actually start using it on lockbox01, I'd appreciate a review of the code to make sure I didn't miss any security holes. Injection attacks shouldn't be an issue due to usage of os.execv - all injection attempts are grouped as a single argument and will not be broken up. Tim
signature.asc
Description: PGP signature
_______________________________________________ infrastructure mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/infrastructure
