sbluhm
commented
2 weeks ago Is this still relevant with the container version? The container host can be added, or not?
Open phibid opened 1 year ago
sbluhm
commented
2 weeks ago Is this still relevant with the container version? The container host can be added, or not?
mcalmer
commented
2 weeks ago I think Ricardo tried this and did not find problems on the first look. We do not suggest this yet. But you can try and report your findings.
rjmateus
commented
2 weeks ago @sbluhm I tried it and with the containerized version we can register the host OS against the uyuni server. However, we don't recommend it because as soon as you register any user with access to it will have root access to the host OS, and that means it would have access to all uyuni data/systems and have the ability to bypass any access control rules. The hosts OS would probably need some kind of special access rules on uyuni UI/API to have some more restrictive access control rules, but we didn't though about how to make it.
sbluhm
commented
2 weeks ago Thank you @rjmateus , great explanation and background.
I have been running the container host connections since the first version without issues (knowingly ignoring the documentation).
rjmateus
commented
2 weeks ago @sbluhm that is fine, as long you are aware of the possible security issues :) But it should be perfectly fine if you don't need to restrict user access to it.
If I am not wrong, this is not possible to register the Uyuni server itself as Uyuni client, which is I think understandable. So paradoxically, Uyuni allows us to have update details of all our servers registered in it, but not for itself.
We could perhaps add by default the Uyuni server itself in the server list, identified by a specific icon (as for the Uyuni proxies). Clicking on it, it will show us detailed patch info and even last available Uyuni release with sone usefull information ?