From 0fbaed2a6ae399827b1de6cac9fdd73b98364d5f Mon Sep 17 00:00:00 2001 From: Kenneth Wilke Date: Mon, 19 Aug 2013 17:06:34 -0500 Subject: [PATCH] starting some stuff out here --- README.rst | 2 +- pillar.example | 19 +++++++++++++++++++ sudoers/files/sudoers | 24 ++++++++++++++++++++++++ sudoers/init.sls | 10 ++++++++++ 4 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 pillar.example create mode 100644 sudoers/files/sudoers create mode 100644 sudoers/init.sls diff --git a/README.rst b/README.rst index 27d508a..2b244f5 100644 --- a/README.rst +++ b/README.rst @@ -1,7 +1,7 @@ sudoers ======= -Set up the sudoers file +Set up the sudoers file (WORK IN PROGRESS) .. note:: diff --git a/pillar.example b/pillar.example new file mode 100644 index 0000000..ca66c07 --- /dev/null +++ b/pillar.example @@ -0,0 +1,19 @@ +sudoers: + users: + # Simple user + johndoe: + - commands: + - ALL + # Defaults + janedoe: + - hosts: ALL + - runas: ALL + - commands: + - ALL + groups: + sudo: + - commands: + # Command tags + - ALL: + - NOPASSWD + #include: /etc/sudoers.d diff --git a/sudoers/files/sudoers b/sudoers/files/sudoers new file mode 100644 index 0000000..f3b3b48 --- /dev/null +++ b/sudoers/files/sudoers @@ -0,0 +1,24 @@ +{% set sudoers = pillar.get('sudoers', {}) %} +{% set users = sudoers.get('users', {} %} +{% set groups = sudoers.get('users', {} %} +{% set includedir = sudoers.get('includedir', None) %} + +# +# This file is managed by salt +# +# Host alias specification + +# User alias specification + +# Cmnd alias specification + +# User privilege specification + + +# Group privilege specification + +{% if includes %} +includedir {{ includedir }} +{% else %} +#includedir /etc/sudoers.d +{% endif %} diff --git a/sudoers/init.sls b/sudoers/init.sls new file mode 100644 index 0000000..75ce735 --- /dev/null +++ b/sudoers/init.sls @@ -0,0 +1,10 @@ +sudo: + pkg.installed + +/etc/sudoers: + file.managed: + - user: root + - group: root + - mode: 440 + - template: jinja + - source: salt://sudoders/files/sudoers