summaryrefslogtreecommitdiff
path: root/doc/todo
diff options
context:
space:
mode:
authorJoey Hess2014-08-19 17:33:00 -0400
committerJoey Hess2014-08-19 17:33:00 -0400
commit7a34a1efbf9df3e964f203f0c782d4c50e6683c9 (patch)
tree1e3f82965b26ff81249c04e82228013d03c2493a /doc/todo
parent215a8e7f0e0943166e98611176b3b5290f31730b (diff)
merge from master
Diffstat (limited to 'doc/todo')
-rw-r--r--doc/todo/docker_todo_list/comment_1_3801d48190c029a8591ab188427b31b6._comment10
-rw-r--r--doc/todo/docker_todo_list/comment_2_441591f9aa106e8d6d1fa7fd6be0fc6f._comment10
-rw-r--r--doc/todo/ssh__95__user_+_sudo.mdwn1
-rw-r--r--doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment10
-rw-r--r--doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment8
-rw-r--r--doc/todo/ssh__95__user_+_sudo/comment_3_d1e4040677b39342be00359210c02156._comment10
6 files changed, 49 insertions, 0 deletions
diff --git a/doc/todo/docker_todo_list/comment_1_3801d48190c029a8591ab188427b31b6._comment b/doc/todo/docker_todo_list/comment_1_3801d48190c029a8591ab188427b31b6._comment
new file mode 100644
index 00000000..ff217423
--- /dev/null
+++ b/doc/todo/docker_todo_list/comment_1_3801d48190c029a8591ab188427b31b6._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="gueux"
+ ip="109.190.19.251"
+ subject="CMD"
+ date="2014-04-21T13:49:08Z"
+ content="""
+It would be great to be able to set the CMD of a docker container.
+
+http://docs.docker.io/reference/builder/#cmd
+"""]]
diff --git a/doc/todo/docker_todo_list/comment_2_441591f9aa106e8d6d1fa7fd6be0fc6f._comment b/doc/todo/docker_todo_list/comment_2_441591f9aa106e8d6d1fa7fd6be0fc6f._comment
new file mode 100644
index 00000000..24ec5da3
--- /dev/null
+++ b/doc/todo/docker_todo_list/comment_2_441591f9aa106e8d6d1fa7fd6be0fc6f._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="http://joeyh.name/"
+ ip="209.250.56.114"
+ subject="comment 2"
+ date="2014-04-24T23:31:09Z"
+ content="""
+propellor does not build docker containers, I think that's the point where a CMD is set.
+
+It would probably make sense to have a mode where docker run is not passed any explicit command to run, which would let the predefined CMD be used. Although this would not let propellor run inside the container, so it could not perform any provisioning of it. In this mode, propellor would only be able to ensure that a container was installed and start it running with its default configuration.
+"""]]
diff --git a/doc/todo/ssh__95__user_+_sudo.mdwn b/doc/todo/ssh__95__user_+_sudo.mdwn
new file mode 100644
index 00000000..2269cecd
--- /dev/null
+++ b/doc/todo/ssh__95__user_+_sudo.mdwn
@@ -0,0 +1 @@
+It would be great to be able to ssh to a user different from root, and then to use sudo to run commands.
diff --git a/doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment b/doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment
new file mode 100644
index 00000000..e0dc1d7f
--- /dev/null
+++ b/doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="http://joeyh.name/"
+ ip="209.250.56.214"
+ subject="comment 1"
+ date="2014-04-21T13:31:13Z"
+ content="""
+Running propellor that way would probably need ssh to allocate a tty in order for sudo's password prompt to work. And it adds complexity. Does it add security? I don't think so, PermitRootLogin=without-password or PasswordAuthentication=no is not going to let anyone brute force the root account.
+
+PermitRootLogin=forced-commands-only might be worth making easy to set up, so the only command that can be run with some special propellor-specific ssh key is propellor.
+"""]]
diff --git a/doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment b/doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment
new file mode 100644
index 00000000..8dc6299b
--- /dev/null
+++ b/doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="gueux"
+ ip="109.190.19.251"
+ subject="comment 2"
+ date="2014-04-21T13:54:39Z"
+ content="""
+I didn't knew \"PermitRootLogin=forced-commands-only\", it seems great!
+"""]]
diff --git a/doc/todo/ssh__95__user_+_sudo/comment_3_d1e4040677b39342be00359210c02156._comment b/doc/todo/ssh__95__user_+_sudo/comment_3_d1e4040677b39342be00359210c02156._comment
new file mode 100644
index 00000000..506b543a
--- /dev/null
+++ b/doc/todo/ssh__95__user_+_sudo/comment_3_d1e4040677b39342be00359210c02156._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="http://joeyh.name/"
+ ip="209.250.56.114"
+ subject="comment 3"
+ date="2014-04-24T22:17:31Z"
+ content="""
+Except that it led you to run into the failure mode described at [[forum/remote.origin_not_copied_to_managed_host?]]
+
+So now we have a concrete change to make: Make /usr/bin/propellor work if it's forced as the only command that can be run. Including making propellor's host bootstrapping work via it.
+"""]]