What minimum permissions are needed to run chef-solo?


#1

Hi,

I’m using chef-solo as a non root user named ‘chef’. I would like to restrict
this user’s commands to the minimum necessary. So I have added the below line
in visudo.

chef ALL=(ALL) NOPASSWD: /usr/bin/chef-solo

Chef-solo seems to run normally in this setting. Is this OK?

Thanks,
Atsuhiko


#2

yeah.

On Tue, Feb 18, 2014 at 11:52 PM, atskimura@gmail.com wrote:

Hi,

I’m using chef-solo as a non root user named ‘chef’. I would like to
restrict
this user’s commands to the minimum necessary. So I have added the below
line
in visudo.

chef ALL=(ALL) NOPASSWD: /usr/bin/chef-solo

Chef-solo seems to run normally in this setting. Is this OK?

Thanks,
Atsuhiko


#3

Thank you!

On Wed, Feb 19, 2014 at 6:15 PM, Ranjib Dey dey.ranjib@gmail.com wrote:

yeah.

On Tue, Feb 18, 2014 at 11:52 PM, atskimura@gmail.com wrote:

Hi,

I’m using chef-solo as a non root user named ‘chef’. I would like to
restrict
this user’s commands to the minimum necessary. So I have added the below
line
in visudo.

chef ALL=(ALL) NOPASSWD: /usr/bin/chef-solo

Chef-solo seems to run normally in this setting. Is this OK?

Thanks,
Atsuhiko