Merge pull request #4 from carlosperello/master

Added support for managing included files
pull/9/head
Joseph Hall 9 years ago
commit 66ff6d8fee
  1. 2
      AUTHORS
  2. 22
      LICENSE
  3. 5
      README.rst
  4. 6
      pillar.example
  5. 31
      sudoers/files/sudoers
  6. 19
      sudoers/included.sls
  7. 2
      sudoers/init.sls

@ -0,0 +1,2 @@
Kenneth Wilke <kenneth.wilke@rackspace.com>
Carlos Perelló Marín <carlos@pemas.net>

@ -1,15 +1,13 @@
epel
====
Copyright (c) 2013-2014 Salt Stack Formulas
Install the EPEL RPM and GPG key on RHEL 5/6 or CentOS 5/6.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
.. note::
http://www.apache.org/licenses/LICENSE-2.0
See the full `Salt Formulas installation and usage instructions
<http://docs.saltstack.com/topics/conventions/formulas.html>`_.
Available states
----------------
``epel``
Installs the GPG key and EPEL RPM package for the current OS.
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

@ -1,7 +1,7 @@
sudoers
=======
Set up the sudoers file
Set up sudo and the sudoers included files.
.. note::
@ -13,3 +13,6 @@ Available states
``sudoers``
Set up the sudoers file
``sudoers.included``
Set up an additional sudoers included file

@ -26,3 +26,9 @@ sudoers:
- /usr/bin/pkill
- /usr/bin/top
includedir: /etc/sudoers.d
included_files:
/etc/sudoers.d/extra-file:
users:
foo: 'ALL=(ALL) ALL'
groups:
bargroup: 'ALL=(ALL) NOPASSWD: ALL'

@ -1,13 +1,30 @@
{% set sudoers = pillar.get('sudoers', {}) %}
{%- set defaults = sudoers.get('defaults', []) %}
{%- if (not included) %}
{%- set sudoers = pillar.get('sudoers', {}) %}
{%- if grains['os_family'] == 'Debian' %}
{%- set defaults = sudoers.get('defaults', [
'env_reset',
'mail_badpass',
'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"'
]) %}
{%- set users = sudoers.get('users', {'root': 'ALL=(ALL:ALL) ALL'}) %}
{%- set groups = sudoers.get('groups', {'sudo': 'ALL=(ALL:ALL) ALL'}) %}
{%- else %}
{%- set defaults = sudoers.get('defaults', []) %}
{%- set users = sudoers.get('users', {}) %}
{%- set groups = sudoers.get('groups', {}) %}
{%- endif %}
{%- set includedir = sudoers.get('includedir', '/etc/sudoers.d') -%}
{%- else %}
{%- set defaults = sudoers.get('defaults', []) %}
{%- set users = sudoers.get('users', {}) %}
{%- set groups = sudoers.get('groups', {}) %}
{%- set includedir = sudoers.get('includedir', None) %}
{%- endif %}
{%- set aliases = sudoers.get('aliases', {}) %}
{%- set host_aliases = aliases.get('hosts', {}) %}
{%- set user_aliases = aliases.get('users', {}) %}
{%- set command_aliases = aliases.get('commands', {}) %}
{%- set runas_aliases = aliases.get('runas', {}) %}
{%- set users = sudoers.get('users', {}) %}
{%- set groups = sudoers.get('groups', {}) %}
{%- set includedir = sudoers.get('includedir', None) -%}
{%- set runas_aliases = aliases.get('runas', {}) -%}
#
# This file is managed by salt
#
@ -47,6 +64,4 @@ Runas_Alias {{ name }} = {{ ",".join(runas) }}
{% if includedir %}
#includedir {{ includedir }}
{% else %}
#includedir /etc/sudoers.d
{% endif %}

@ -0,0 +1,19 @@
include:
- sudoers
{% set sudoers = pillar.get('sudoers', {}) %}
{% set included_files = sudoers.get('included_files', []) %}
{% for included_file,spec in included_files.items() -%}
{{ included_file }}:
file.managed:
- user: root
- group: root
- mode: 440
- template: jinja
- source: salt://sudoers/files/sudoers
- context:
included: True
sudoers: {{ spec }}
- require:
- file: /etc/sudoers
{% endfor %}

@ -11,5 +11,7 @@ sudo:
- mode: 440
- template: jinja
- source: salt://sudoers/files/sudoers
- context:
included: False
- require:
- pkg: sudo

Loading…
Cancel
Save