- From: Joe Van Dyk <
>
- To:
- Subject: [chef] Re: Re: Execute resource - keeping SSH_AUTH_SOCK environment variable
- Date: Tue, 4 Jan 2011 15:35:57 -0800
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:content-type :content-transfer-encoding; b=wuR4LM8TgjT04ioJPt5qaZ5OvdO5Ux0K2A7X/t1nVFiUAqvM2XVBF+d8Q8pzH/Yah9 IyrnIQA6uWxaD/eDYcV2G6w8tgTxRhdDCmtMkRTZ7ZMEUQaSWARbxLO2mAbHS9X/Ou9T Nfo8x4ffedhkZu+L5a47FGW1eY9XDOM9wUIVs=
On Tue, Jan 4, 2011 at 3:40 AM, Mike Mazur
<
>
wrote:
>
Hi,
>
>
On Tue, Jan 4, 2011 at 17:33, Joe Van Dyk
>
<
>
>
wrote:
>
> If I'm logged on as user1 with my SSH_AUTH_SOCK environment variable
>
> set, and I run chef-solo which runs a command as user2, how can I have
>
> user2's command be able to access the SSH_AUTH_SOCK?
>
>
The execute resource has an environment attribute:
>
>
http://wiki.opscode.com/display/chef/Resources#Resources-Execute
>
>
You could use it like this:
>
>
execute "/path/to/some/command" do
>
user "user2"
>
environment ({"SSH_AUTH_SOCK" => ENV['SSH_AUTH_SOCK']})
>
end
That doesn't seem to fix the permissions though, you'd have to have
that user have access to both the directory the file is in and the
file itself.
Does ENV['SSH_AUTH_SOCK'] get evaluated when the recipe is actually
running then?
I worked around it by chowning everything in "/tmp/ssh-*" to the user
running the command, but that really is terrible.
Joe
Archive powered by MHonArc 2.6.16.