Issue #6865 has been updated by R.I. Pienaar.
Mohamed Lrhazi wrote: > Would a compromise be to add a notification/confirmation promopt when a > problematic option is passed? maybe only --no-daemonize and --waitforcert > would be an issue? How would you define a problematic argument? I mean this could be seen as a HUGE security risk, imagine you give someone non root shell level access to a server and access to mcollective. Safe right? Nope, cos they can start puppetd as root via mcollective passing into it a custom manifest dir where they can run any .pp files it finds in random directories. The work to determine whats safe and not would be epic, every config option in puppet.conf is also a command line option and these change frequently as puppet add more features, we'd forever be playing catchup. It really is the same concerns I have with a plugin that can run random shell commands, just not the mcollective way of doing things. ---------------------------------------- Feature #6865: Proposed patch to add support to puppetd agent extra command line args https://projects.puppetlabs.com/issues/6865 Author: Mohamed Lrhazi Status: Needs Decision Priority: Normal Assignee: R.I. Pienaar Category: Target version: Keywords: Branch: Affected mCollective version: I am suggesting a patch for puppetd agent, which allows the user to pass arbitrary command line arguments to be passed to puppetd. Please the forked here, branch name: puppetd_options https://github.com/lrhazi/mcollective-plugins Thanks. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
