Remove the sudo cookbook

Chef 14 ships with a sudo resource: https://docs.chef.io/resource_sudo.html
2019-04-02 12:17:06 +02:00
parent 2f599ffd6d
commit 73d1722d4b
15 changed files with 6 additions and 958 deletions
--- a/cookbooks/sudo/templates/default/sudoer.erb
+++ b/cookbooks/sudo/templates/default/sudoer.erb
@@ -1,18 +0,0 @@
-# This file is managed by Chef.
-# Do NOT modify this file directly.
-
-<% @command_aliases.each do |a| -%>
-Cmnd_Alias <%= a[:name].upcase %> = <%= a[:command_list].join(', ') %>
-<% end -%>
-<% @env_keep_add.each do |env_keep| -%>
-Defaults    env_keep += "<%= env_keep %>"
-<% end -%>
-<% @env_keep_subtract.each do |env_keep| -%>
-Defaults    env_keep -= "<%= env_keep %>"
-<% end -%>
-<% @commands.each do |command| -%>
-<% unless @sudoer.empty? %><%= @sudoer %> <%= @host %>=(<%= @runas %>) <%= 'NOEXEC:' if @noexec %><%= 'NOPASSWD:' if @nopasswd.to_s == 'true' %><%= 'SETENV:' if @setenv.to_s == 'true' %><%= command %><% end -%>
-<% end -%>
-<% unless @defaults.empty? %>
-Defaults:<%= @sudoer %> <%= @defaults.join(',') %>
-<% end -%>
--- a/cookbooks/sudo/templates/default/sudoers.erb
+++ b/cookbooks/sudo/templates/default/sudoers.erb
@@ -1,44 +0,0 @@
-# This file is managed by Chef.
-# Do NOT modify this file directly.
-
-<% @sudoers_defaults.each do |defaults| -%>
-Defaults      <%= defaults %>
-<% end -%>
-<% if @agent_forwarding.to_s == 'true' -%>
-Defaults      env_keep+=SSH_AUTH_SOCK
-<% end -%>
-<% @env_keep_add.each do |env_keep| -%>
-Defaults    env_keep += "<%= env_keep %>"
-<% end -%>
-<% @env_keep_subtract.each do |env_keep| -%>
-Defaults    env_keep -= "<%= env_keep %>"
-<% end -%>
-
-# User privilege specification
-root          ALL=(ALL) ALL
-
-<% @custom_commands_users.each do |commands| -%>
-# Privileges for specific command <%= commands[:command_list].join(', ') %> for user <%= commands[:user] %>
-<%= commands[:user] %> ALL = <%= "NOPASSWD:" if commands[:passwordless].to_s == 'true' %><%= "SETENV:" if @setenv %> <%= commands[:command_list].join(', ') %>
-<% end -%>
-
-<% @custom_commands_groups.each do |commands| -%>
-# Privileges for specific command <%= commands[:command_list].join(', ') %> for group <%= commands[:group] %>
-%<%= commands[:group] %> ALL = <%= "NOPASSWD:" if commands[:passwordless].to_s == 'true' %><%= "SETENV:" if @setenv %> <%= commands[:command_list].join(', ') %>
-<% end -%>
-
-<% @command_aliases.each do |a| -%>
-Cmnd_Alias <%= a[:name].upcase %> = <%= a[:command_list].join(', ') %>
-<% end -%>
-
-<% @sudoers_users.each do |user| -%>
-<%= user %> ALL=(ALL) <%= "NOPASSWD:" if @passwordless.to_s == 'true' %><%= "SETENV:" if @setenv.to_s == 'true' %>ALL
-<% end -%>
-
-<% @sudoers_groups.each do |group| -%>
-# Members of the group '<%= group %>' may gain root privileges
-%<%= group %> ALL=(ALL) <%= "NOPASSWD:" if @passwordless.to_s == 'true' %><%= "SETENV:" if @setenv.to_s == 'true' %>ALL
-<% end -%>
-
-# This is not a comment; see sudoers(5) for more information on "#include" directives
-<%= "#includedir #{@config_prefix}/sudoers.d" if @include_sudoers_d.to_s == 'true'  %>