1
0
Fork 0

feat(ordering): optionally append includefiles to main config

This commit is contained in:
noelmcloughlin 2021-08-19 00:05:27 +01:00
parent 25cd2cf0e3
commit 751eff7218
29 changed files with 41 additions and 1 deletions

View File

@ -51,7 +51,7 @@ Set up the sudoers file
``sudoers.included`` ``sudoers.included``
^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^
Set up an additional sudoers included file Set up an additional sudoers included file.
Testing Testing

View File

@ -63,3 +63,9 @@ sudoers:
netgroups: netgroups:
other_netgroup: other_netgroup:
- 'ALL=(ALL) ALL' - 'ALL=(ALL) ALL'
# ordering is important. The sudoers manpage says when multiple
# entries match, the last match is used. However, if we do not
# manage the main config, our included files may not match last.
# To guarantee included files match last, set 'true' below to append
# each '#include <includefile>' to sudoers file.
append_included_files_to_endof_main_config: true

View File

@ -10,3 +10,4 @@ sudoers:
execprefix: /usr/sbin execprefix: /usr/sbin
includedir: /etc/sudoers.d includedir: /etc/sudoers.d
included_files: {} included_files: {}
append_included_files_to_endof_main_config: false

View File

@ -0,0 +1,5 @@
# -*- coding: utf-8 -*-
# vim: ft=sls
include:
- .install

View File

@ -40,5 +40,9 @@ sudoers include {{ included_file }}:
- file: {{ sudoers.configpath }}/sudoers - file: {{ sudoers.configpath }}/sudoers
- require_in: - require_in:
- file: {{ sudoers.includedir }} - file: {{ sudoers.includedir }}
{% elif sudoers.append_included_files_to_endof_main_config %}
file.append:
- name: {{ sudoers.configpath }}/sudoers
- text: '#include {{ sudoers.configpath }}/sudoers.d/{{ included_file }}'
{% endif %} {% endif %}
{% endfor %} {% endfor %}

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults:

View File

@ -20,6 +20,7 @@ values:
- millert - millert
- dowdy - dowdy
- mikef - mikef
append_included_files_to_endof_main_config: false
arch: amd64 arch: amd64
configpath: /etc configpath: /etc
defaults: defaults: