From cd1ddcf25f21d7f1b8bf475f55e8a96f5eb863f0 Mon Sep 17 00:00:00 2001
From: Robert Fairburn
Date: Tue, 19 Aug 2014 09:26:47 -0500
Subject: [PATCH] allow for multiple lines for the same user or group
---
pillar.example | 14 ++++++++++----
sudoers/files/sudoers | 8 ++++++--
2 files changed, 16 insertions(+), 6 deletions(-)
diff --git a/pillar.example b/pillar.example
index f3807b8..cbb2315 100644
--- a/pillar.example
+++ b/pillar.example
@@ -1,8 +1,12 @@ sudoers: users: - johndoe: 'ALL=(ALL) ALL' + johndoe: + - 'ALL=(ALL) ALL' + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' groups: - sudo: 'ALL=(ALL) NOPASSWD: ALL' + sudo: + - 'ALL=(ALL) ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' defaults: generic: - env_rset
@@ -39,6 +43,8 @@ sudoers: included_files: /etc/sudoers.d/extra-file: users: - foo: 'ALL=(ALL) ALL' + foo: + - 'ALL=(ALL) ALL' groups: - bargroup: 'ALL=(ALL) NOPASSWD: ALL' + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL'
diff --git a/sudoers/files/sudoers b/sudoers/files/sudoers
index 8064935..0b036f9 100644
--- a/sudoers/files/sudoers
+++ b/sudoers/files/sudoers
@@ -82,13 +82,17 @@ Runas_Alias {{ name }} = {{ ",".join(runas) }} {%- endfor %} # User privilege specification -{%- for user,spec in users.items() %} +{%- for user,specs in users.items() %} + {%- for spec in specs %} {{ user }} {{ spec }} + {%- endfor %} {%- endfor %} # Group privilege specification -{%- for group,spec in groups.items() %} +{%- for group,specs in groups.items() %} + {%- for spec in specs %} %{{ group }} {{ spec }} + {%- endfor %} {%- endfor %} {% if includedir %}
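Review bot: In the user and group loops of sudoers/files/sudoers, a pillar that still uses the old scalar form (`johndoe: 'ALL=(ALL) ALL'`) is now iterated character by character, because Jinja iterates over a string, so every character becomes its own `johndoe A`-style line and the rendered sudoers file is invalid. Normalising the value right after each outer `for` keeps existing pillars working: `{%- set specs = [specs] if specs is string else specs %}`. Whether the state validates the rendered file before installing it (for example a `visudo -cf` check command) is not visible in this diff; without such a check a malformed render could break sudo on the minion. pillar.example also turns the `included_files` entries into lists, so if the /etc/sudoers.d files are rendered by a different template than this one, it needs the same inner loop.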