Revert "Revert "Remove the sudo cookbook""

This reverts commit 87d7c721b1.
2019-04-03 12:52:40 +02:00
parent 2f05629fde
commit b1a3c5e2cd
15 changed files with 6 additions and 958 deletions
--- a/site-cookbooks/kosmos-base/metadata.rb
+++ b/site-cookbooks/kosmos-base/metadata.rb
@@ -4,11 +4,10 @@ maintainer_email 'mail@kosmos.org'
 license          'All rights reserved'
 description      'The Kosmos base cookbook'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version          '0.1.1'
+version          '0.2.0'

 depends 'apt'
 depends 'users'
-depends 'sudo'
 depends 'kosmos-postfix'
 depends 'hostname'
 depends 'firewall'
--- a/site-cookbooks/kosmos-base/recipes/default.rb
+++ b/site-cookbooks/kosmos-base/recipes/default.rb
@@ -30,18 +30,17 @@ unless node.chef_environment == "development"
    action [:remove, :create]
  end

-  node.override['authorization']['sudo']['sudoers_defaults'] = [
+  sudo "sysadmin" do
+    groups "sysadmin"
+    nopasswd true
+    defaults [
    # not default on Ubuntu, explicitely enable. Uses a minimal white list of
    # environment variables
    'env_reset',
    # Send emails on unauthorized attempts
    'mail_badpass',
    'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"',
-  ]
-  include_recipe "sudo"
-  sudo "sysadmin" do
-    group "sysadmin"
-    nopasswd true
+    ]
  end

  include_recipe 'kosmos-base::firewall'