You could use server roles to activate agents running special config as
subcommands with
contain => setuid(non--priv-user)
M
nwat...@symcor.com wrote:
> Speaking of roles someone asked the other day about having lesser
> privileged users running Cfengine along side normal administrators. For
Speaking of roles someone asked the other day about having lesser
privileged users running Cfengine along side normal administrators. For
example a typical set of promises might involve services like SSH or NFS.
Suppose that an application team exists and would like to use Cfengine
along side
