1
0
Fork 0
mirror of synced 2024-12-21 05:31:09 -05:00

Merge pull request #5 from rfairburn/master

Support Amazon Linux and Additional defaults support
This commit is contained in:
Seth House 2014-07-21 15:33:27 -06:00
commit f78892241f
3 changed files with 43 additions and 8 deletions

View file

@ -4,9 +4,19 @@ sudoers:
groups:
sudo: 'ALL=(ALL) NOPASSWD: ALL'
defaults:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
generic:
- env_rset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
user_list:
johndoe: '!requiretty'
ADMINS: '!lecture'
host_list:
www1: 'log_year, logfile=/var/log/sudo.log'
command_list:
PROCESSES: 'noexec'
runas_list:
root: '!set_logname'
aliases:
hosts:
WEBSERVERS:

View file

@ -1,21 +1,31 @@
{%- if (not included) %}
{%- set sudoers = pillar.get('sudoers', {}) %}
{%- if grains['os_family'] == 'Debian' %}
{%- set defaults = sudoers.get('defaults', [
{%- set defaults = sudoers.get('defaults', {'generic': [
'env_reset',
'mail_badpass',
'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"'
]) %}
]}) %}
{%- set users = sudoers.get('users', {'root': 'ALL=(ALL:ALL) ALL'}) %}
{%- set groups = sudoers.get('groups', {'sudo': 'ALL=(ALL:ALL) ALL'}) %}
{%- else %}
{%- set defaults = sudoers.get('defaults', []) %}
{%- set defaults = sudoers.get('defaults', {}) %}
{%- set generic_defaults = defaults.get('generic', []) %}
{%- set user_list_defaults = defaults.get('user_list', {}) %}
{%- set host_list_defaults = defaults.get('host_list', {}) %}
{%- set command_list_defaults = defaults.get('command_list', {}) %}
{%- set runas_list_defaults = defaults.get('runas_list', {}) %}
{%- set users = sudoers.get('users', {}) %}
{%- set groups = sudoers.get('groups', {}) %}
{%- endif %}
{%- set includedir = sudoers.get('includedir', '/etc/sudoers.d') -%}
{%- else %}
{%- set defaults = sudoers.get('defaults', []) %}
{%- set defaults = sudoers.get('defaults', {}) %}
{%- set generic_defaults = defaults.get('generic', []) %}
{%- set user_list_defaults = defaults.get('user_list', {}) %}
{%- set host_list_defaults = defaults.get('host_list', {}) %}
{%- set command_list_defaults = defaults.get('command_list', {}) %}
{%- set runas_list_defaults = defaults.get('runas_list', {}) %}
{%- set users = sudoers.get('users', {}) %}
{%- set groups = sudoers.get('groups', {}) %}
{%- set includedir = sudoers.get('includedir', None) %}
@ -29,9 +39,23 @@
# This file is managed by salt
#
{% for default in defaults -%}
# Defaults specification
{% for default in generic_defaults -%}
Defaults {{ default }}
{% endfor %}
{%- for user,spec in user_list_defaults.items() %}
Defaults:{{ user }} {{ spec }}
{%- endfor %}
{%- for host,spec in host_list_defaults.items() %}
Defaults@{{ host }} {{ spec }}
{%- endfor %}
{%- for command,spec in command_list_defaults.items() %}
Defaults!{{ command }} {{ spec }}
{%- endfor %}
{%- for runas,spec in runas_list_defaults.items() %}
Defaults>{{ runas }} {{ spec }}
{%- endfor %}
# Host alias specification
{%- for name,hosts in host_aliases.items() %}
Host_Alias {{ name }} = {{ ",".join(hosts) }}

View file

@ -4,6 +4,7 @@
'CentOS': {'sudo': 'sudo'},
'Fedora': {'sudo': 'sudo'},
'RedHat': {'sudo': 'sudo'},
'Amazon': {'sudo': 'sudo'},
'Gentoo': {'sudo': 'app-admin/sudo'}
} %}