Update upstream cookbooks

This commit is contained in:
Greg Karékinian
2017-03-20 13:19:10 +00:00
parent bfd2d52ea8
commit bcfd44b923
340 changed files with 12576 additions and 5465 deletions

View File

@@ -1,4 +1,5 @@
# sudo cookbook
[![Build Status](https://travis-ci.org/chef-cookbooks/sudo.svg?branch=master)](http://travis-ci.org/chef-cookbooks/sudo) [![Cookbook Version](https://img.shields.io/cookbook/v/sudo.svg)](https://supermarket.chef.io/cookbooks/sudo)
The Chef `sudo` cookbook installs the `sudo` package and configures the `/etc/sudoers` file.
@@ -6,16 +7,21 @@ The Chef `sudo` cookbook installs the `sudo` package and configures the `/etc/su
It also exposes an LWRP for adding and managing sudoers.
## Requirements
### Platforms
- Debian/Ubuntu
- RHEL/CentOS/Scientific/Amazon/Oracle
- FreeBSD
- Mac OS X
- openSUSE / Suse
### Chef
- Chef 11+
- Chef 12.1+
### Cookbooks
- None
## Attributes
@@ -45,6 +51,44 @@ To use attributes for defining sudoers, set the attributes above on the node (or
}
```
```json
{
"default_attributes": {
"authorization": {
"sudo": {
"command_aliases": [{
"name": "TEST",
"command_list": [
"/usr/bin/ls",
"/usr/bin/cat"
]
}],
"custom_commands": {
"users": [
{
"user": "test_user",
"passwordless": true,
"command_list": [
"TEST"
]
}
],
"groups": [
{
"group": "test_group",
"passwordless": false,
"command_list": [
"TEST"
]
}
]
}
}
}
}
}
```
```ruby
# roles/example.rb
default_attributes(
@@ -151,7 +195,7 @@ There are two ways for rendering a sudoer-fragment using this LWRP:
1. Using the built-in template
2. Using a custom, cookbook-level template
Both methods will create the `/etc/sudoers.d/#{username}` file with the correct permissions.
Both methods will create the `/etc/sudoers.d/#{resourcename}` file with the correct permissions.
The LWRP also performs **fragment validation**. If a sudoer-fragment is not valid, the Chef run will throw an exception and fail. This ensures that your sudoers file is always valid and cannot become corrupt (from this cookbook).
@@ -218,6 +262,12 @@ case it is not already</td>
<td><tt>true</tt></td>
<td><tt>false</tt></td>
</tr>
<tr>
<td>noexec</td>
<td>prevents commands from shelling out</td>
<td><tt>true</tt></td>
<td><tt>false</tt></td>
</tr>
<tr>
<td>runas</td>
<td>User the command(s) can be run as</td>