forked from ungleich-public/cdist
document multi developers/different trust levels setup
Signed-off-by: Nico Schottelius <nico@brief.schottelius.org>
This commit is contained in:
Nico Schottelius
parent
3d8f26b42a
commit
cae332dcf8
|
|
@ -138,9 +138,20 @@ The following **.git/config** is taken from a a real world scenario:
|
|||
Have a look at git-remote(1) to adjust the remote configuration, which allows
|
||||
|
||||
|
||||
MULTI DEVELOPERS/DIFFERENT TRUST RELATIONSHIP/CENTRAL SERVER APPROACH
|
||||
---------------------------------------------------------------------
|
||||
FIXME before 2.0.5
|
||||
MULTIPLE DEVELOPERS WITH DIFFERENT TRUST
|
||||
----------------------------------------
|
||||
If you are working in an environment that requires different people to
|
||||
work on the same configuration, but having different privileges, you can
|
||||
implement this scenario with a gateway host and sudo:
|
||||
|
||||
- Create a dedicated user (for instance **cdist**)
|
||||
- Setup the ssh-pubkey for this user that has the right to configure all hosts
|
||||
- Create a wrapper to update the cdist configuration in ~cdist/cdist
|
||||
- Allow every developer to execute this script via sudo as the user cdist
|
||||
- Allow run of cdist as user cdist on specific hosts on a per user/group base
|
||||
- f.i. nico ALL=(ALL) NOPASSWD: /home/cdist/bin/cdist config hostabc
|
||||
|
||||
For more details consult sudoers(5)
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
|
|
|
|||
|
|
@ -65,7 +65,7 @@ SEE ALSO
|
|||
- cdist(1)
|
||||
- cdist-type(7)
|
||||
- cdist-best-practice(7)
|
||||
- cdist-stages(7)?
|
||||
- cdist-stages(7)
|
||||
- Brave New World by Aldous Huxley
|
||||
|
||||
COPYING
|
||||
|
|
|
|||
Loading…
Reference in New Issue