From 7ee2569b451d1bd8c866b21416cb77066c14f6ae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Javier=20B=C3=A9rtoli?= <javier@netmanagers.com.ar>
Date: Mon, 24 Aug 2020 16:18:36 -0300
Subject: [PATCH] fix(config): remove dictsort that breaks sudoers

in bc62b6e5 dictsort was applied to the pillar entries. But in the
sudoers file *order matters* so, using `dictsort`, breaks it.

From man 5 sudoers:

> When multiple entries match for a user, they are
> applied in order.  Where there are multiple matches, the last match
> is used (which is not necessarily the most specific match).

Removed `dictsort` from the {users,groups,netgroups} specifications.

BREAKING CHANGE: sudoers entries' order will change and might break
existing configuration. You should check your pillars and rendering.
---
 sudoers/files/sudoers | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/sudoers/files/sudoers b/sudoers/files/sudoers
index 475b30b..140c6a2 100644
--- a/sudoers/files/sudoers
+++ b/sudoers/files/sudoers
@@ -84,24 +84,24 @@ Cmnd_Alias {{ name }} = {{ ",".join(commands) }}
 Runas_Alias {{ name }} = {{ ",".join(runas) }}
 {%- endfor %}
 
-# User privilege specification
-{%- for user,specs in users|dictsort %}
+# Netgroup privilege specification
+{%- for netgroup,specs in netgroups.items() %}
   {%- for spec in specs %}
-{{ user }} {{ spec }}
++{{ netgroup }} {{ spec }}
   {%- endfor %}
 {%- endfor %}
 
 # Group privilege specification
-{%- for group,specs in groups|dictsort %}
+{%- for group,specs in groups.items() %}
   {%- for spec in specs %}
 %{{ group }} {{ spec }}
   {%- endfor %}
 {%- endfor %}
 
-# Netgroup privilege specification
-{%- for netgroup,specs in netgroups.items() %}
+# User privilege specification
+{%- for user,specs in users.items() %}
   {%- for spec in specs %}
-+{{ netgroup }} {{ spec }}
+{{ user }} {{ spec }}
   {%- endfor %}
 {%- endfor %}