search

ansibleplaybookbundle / ansible-playbook-bundle

THIS REPO IS MIGRATING: https://github.com/automationbroker/apb
GNU General Public License v2.0
140 stars 70 forks source link

allow rootless operation #188

Closed akostadinov closed 6 years ago

akostadinov commented 6 years ago

Hi, it is important to allow rootless operation of the tool. In many corporate environments the users are not allowed to have root. Having access to dockersocket makes easy for user to obtain root privileges.

Perhaps look at rootless containers?

rthallisey commented 6 years ago

@akostadinov good suggestion. I think it's worth looking at.

jianzhangbjz commented 6 years ago

+1, @rthallisey Any update? Maybe we can new a card to support this. What do you think?

rthallisey commented 6 years ago

We're looking at re writing the apb tool to incorporate the bundle-lib library in the near future. At that point, I think we'll evaluate the scope of the apb tool and perform a more in depth security audit so folks can use it in environments that require non root.

jianzhangbjz commented 6 years ago

OK, that's great! Thanks!

jianzhangbjz commented 6 years ago

@rthallisey Do we have a plan to implement this for 3.11? cc: @chengzhang1016 @zihantang-rh

rthallisey commented 6 years ago

The automationbroker/sbcli repo has been created. I think this issue should be copied over there to get picked up. @jianzhangbjz can you re file the issue?

rthallisey commented 6 years ago

Copied over the issue,, closing