34 lines
1.4 KiB
Plaintext
34 lines
1.4 KiB
Plaintext
# This file is managed by Chef.
|
|
# Do NOT modify this file directly.
|
|
|
|
<% @sudoers_defaults.each do |defaults| -%>
|
|
Defaults <%= defaults %>
|
|
<% end -%>
|
|
<% if @agent_forwarding.to_s == 'true' -%>
|
|
Defaults env_keep+=SSH_AUTH_SOCK
|
|
<% end -%>
|
|
|
|
# User privilege specification
|
|
root ALL=(ALL) ALL
|
|
%admin ALL=(ALL) ALL
|
|
<% @sudoers_users.each do |user| -%>
|
|
<%= user %> ALL=(ALL) <%= "NOPASSWD:" if @passwordless.to_s == 'true' %><%= "SETENV:" if @setenv.to_s == 'true' %>ALL
|
|
<% end -%>
|
|
|
|
<% @custom_commands_users.each do |commands| -%>
|
|
# Privileges for specific command <%= commands[:command_list].join(', ') %> for user <%= commands[:user] %>
|
|
<%= commands[:user] %> ALL = <%= "NOPASSWD:" if commands[:passwordless].to_s == 'true' %> <%= commands[:command_list].join(', ') %>
|
|
<% end -%>
|
|
|
|
<% @custom_commands_groups.each do |commands| -%>
|
|
# Privileges for specific command <%= commands[:command_list].join(', ') %> for group <%= commands[:group] %>
|
|
%<%= commands[:group] %> ALL = <%= "NOPASSWD:" if commands[:passwordless].to_s == 'true' %> <%= commands[:command_list].join(', ') %>
|
|
<% end -%>
|
|
|
|
<% @sudoers_groups.each do |group| -%>
|
|
# Members of the group '<%= group %>' may gain root privileges
|
|
%<%= group %> ALL=(ALL) <%= "NOPASSWD:" if @passwordless.to_s == 'true' %><%= "SETENV:" if @setenv.to_s == 'true' %>ALL
|
|
<% end -%>
|
|
|
|
<%= "#includedir #{@config_prefix}/sudoers.d" if @include_sudoers_d.to_s == 'true' %>
|