kosmos/chef
8
3
Fork 0
Code Issues 34 Pull Requests 3 Projects 2 Activity

Update nodejs, sudo and users cookbooks

Browse Source
This commit is contained in:
Greg Karékinian
2018-04-17 13:18:09 +02:00
parent ff2f424ddb
commit 157ccdc8b7
37 changed files with 862 additions and 523 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
cookbooks/sudo/templates/default/sudoers.erb
View File

@@ -4,7 +4,7 @@
<% @sudoers_defaults.each do |defaults| -%>
Defaults <%= defaults %>
<% end -%>
<% if @agent_forwarding -%>
<% if @agent_forwarding.to_s == 'true' -%>
Defaults env_keep+=SSH_AUTH_SOCK
<% end -%>
<% @env_keep_add.each do |env_keep| -%>
@@ -19,12 +19,12 @@ root ALL=(ALL) ALL
<% @custom_commands_users.each do |commands| -%>
# Privileges for specific command <%= commands[:command_list].join(', ') %> for user <%= commands[:user] %>
<%= commands[:user] %> ALL = <%= "NOPASSWD:" if commands[:passwordless] %> <%= commands[:command_list].join(', ') %>
<%= commands[:user] %> ALL = <%= "NOPASSWD:" if commands[:passwordless].to_s == 'true' %><%= "SETENV:" if @setenv %> <%= commands[:command_list].join(', ') %>
<% end -%>
<% @custom_commands_groups.each do |commands| -%>
# Privileges for specific command <%= commands[:command_list].join(', ') %> for group <%= commands[:group] %>
%<%= commands[:group] %> ALL = <%= "NOPASSWD:" if commands[:passwordless] %> <%= commands[:command_list].join(', ') %>
%<%= commands[:group] %> ALL = <%= "NOPASSWD:" if commands[:passwordless].to_s == 'true' %><%= "SETENV:" if @setenv %> <%= commands[:command_list].join(', ') %>
<% end -%>
<% @command_aliases.each do |a| -%>
@@ -32,13 +32,13 @@ Cmnd_Alias <%= a[:name].upcase %> = <%= a[:command_list].join(', ') %>
<% end -%>
<% @sudoers_users.each do |user| -%>
<%= user %> ALL=(ALL) <%= "NOPASSWD:" if @passwordless %><%= "SETENV:" if @setenv %>ALL
<%= user %> ALL=(ALL) <%= "NOPASSWD:" if @passwordless.to_s == 'true' %><%= "SETENV:" if @setenv.to_s == 'true' %>ALL
<% end -%>
<% @sudoers_groups.each do |group| -%>
# Members of the group '<%= group %>' may gain root privileges
%<%= group %> ALL=(ALL) <%= "NOPASSWD:" if @passwordless %><%= "SETENV:" if @setenv %>ALL
%<%= group %> ALL=(ALL) <%= "NOPASSWD:" if @passwordless.to_s == 'true' %><%= "SETENV:" if @setenv.to_s == 'true' %>ALL
<% end -%>
# This is not a comment; see sudoers(5) for more information on "#include" directives
<%= "#includedir #{node['authorization']['sudo']['prefix']}/sudoers.d" if @include_sudoers_d %>
<%= "#includedir #{@config_prefix}/sudoers.d" if @include_sudoers_d.to_s == 'true' %>