Rob James wrote:
Good point, but if i want to use provisioning for my clients (e.g. for
"remote command" capability) then they'll have the provisioning
entitlement anyway (i had it enabled in the activation key so it was
there anyway).
Yes, true.
You can do it the way we do it in Satellite. I.e. put proxy in separate
channel and put that users to ogranisation which do not have
entitlements for given channel.
But since the user will have root access, they can manually install
spacewalk repo from our site and install the packages anyway... So yes,
every root can install proxy on their machine.
But as you said it should not expose anything. Hmm unless they will be
playing "man in the middle" game and you are not using SSL. But if
somebody do not trust their network and do not use SSL, then he is
doomed anyway... :)
--
Miroslav Suchy
Red Hat Satellite Engineering
_______________________________________________
Spacewalk-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/spacewalk-devel
