Check for sudo_rules before text.append state.

Since ebe5198f, if a user's pillar dict didn't contain sudo_rules, a broken
file.append state would be rendered (since some text is required). With
this patch, the file is still created/managed by the previous state, but
will be empty by default if created fresh. This seems a more sensible
default than assuming a default sudoer policy.

Further, since the first word on each rule line should be the user's
name, that is now assumed.
Adam Wright 2014-02-22 08:43:52 +00:00
parent 56ca792f84
commit 2c58a76ce6

@ -125,15 +125,17 @@ sudoer-{{ name }}:
- user: root - user: root
- group: root - group: root
- mode: '0440' - mode: '0440'
{% if 'sudo_rules' in user %}
/etc/sudoers.d/{{ name }}: /etc/sudoers.d/{{ name }}:
file.append: file.append:
- text: - text:
{% for rule in user.get('sudo_rules', []) %} {% for rule in user['sudo_rules'] %}
- {{ rule }} - "{{ name }} {{ rule }}"
{% endfor %} {% endfor %}
- require: - require:
- file: sudoer-defaults - file: sudoer-defaults
- file: sudoer-{{ name }} - file: sudoer-{{ name }}
{% endif %}
{% else %} {% else %}
/etc/sudoers.d/{{ name }}: /etc/sudoers.d/{{ name }}:
file.absent: file.absent:
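
Review bot: the new guard `{% if 'sudo_rules' in user %}` only tests that the key exists, so a user whose pillar carries `sudo_rules: []` still renders `file.append` with an empty `- text:` list, which is the broken state this commit is meant to avoid. Testing the value instead, as in `{% if user.get('sudo_rules') %}`, covers the missing key and the empty list together. On the changed rule line, `- "{{ name }} {{ rule }}"` places pillar text inside a double-quoted YAML scalar, so a rule containing `"` or `\` will either fail to render or be written to `/etc/sudoers.d/{{ name }}` differently from what the pillar says; passing the joined string through a YAML-quoting filter (for example Salt's `yaml_dquote`) instead of hand-written quotes avoids that. Prefixing every rule with `{{ name }}` also changes the meaning of existing pillar data: a rule that already begins with the user name is now written with the name twice, and a line that does not start with a user (such as a `Defaults` entry) can no longer be expressed. Since these files grant root privileges, that new format should be stated in the pillar example or README alongside this change so existing `sudo_rules` entries get updated rather than silently producing invalid sudoers lines.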