For auditing purposes, what I'd expect the installation to work (and what should be tested) is for a non-root user to be able to run pkispawn and install successfully. After installation completion, only the installation user has access to his/her admin pkcs12. Same with starting/restarting the server.
It could be just some sudo configuration that narrow down sudo so that some are allowed only to install/start/restart pki servers, and then another to edit pki instance configurations.
Per CS/DS meeting of 07/13/2015: 10.2 Backlog
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1303176
As it is late in the 10.3.0 cycle, and this is more than likely a procedural write-up that will initially go to the Dogtag Wiki, moving this ticket to 10.3.1.
Metadata Update from @cfu: - Issue assigned to mharmsen - Issue set to the milestone: 1.0 TASKS
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/2042
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Metadata Update from @dmoluguw: - Issue close_status updated to: migrated - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.