From a643385dafbe5c4e06fc452b6bc69114a3aeff63 Mon Sep 17 00:00:00 2001 From: Imran Iqbal Date: Tue, 22 Dec 2020 22:18:14 +0000 Subject: [PATCH] refactor(map): use top-level `values:` key in `map.jinja` dumps * Semi-automated using https://github.com/myii/ssf-formula/pull/284 --- sudoers/_mapdata/_mapdata.jinja | 6 +- sudoers/_mapdata/init.sls | 17 ++- .../default/controls/_mapdata_spec.rb | 38 ++++- .../default/files/_mapdata/amazonlinux-1.yaml | 130 +++++++++--------- .../default/files/_mapdata/amazonlinux-2.yaml | 130 +++++++++--------- .../files/_mapdata/arch-base-latest.yaml | 130 +++++++++--------- .../default/files/_mapdata/centos-6.yaml | 130 +++++++++--------- .../default/files/_mapdata/centos-7.yaml | 130 +++++++++--------- .../default/files/_mapdata/centos-8.yaml | 130 +++++++++--------- .../default/files/_mapdata/debian-10.yaml | 130 +++++++++--------- .../default/files/_mapdata/debian-9.yaml | 130 +++++++++--------- .../default/files/_mapdata/fedora-31.yaml | 130 +++++++++--------- .../default/files/_mapdata/fedora-32.yaml | 130 +++++++++--------- .../default/files/_mapdata/opensuse-15.yaml | 130 +++++++++--------- .../default/files/_mapdata/ubuntu-16.yaml | 130 +++++++++--------- .../default/files/_mapdata/ubuntu-18.yaml | 130 +++++++++--------- .../default/files/_mapdata/ubuntu-20.yaml | 130 +++++++++--------- 17 files changed, 969 insertions(+), 912 deletions(-) diff --git a/sudoers/_mapdata/_mapdata.jinja b/sudoers/_mapdata/_mapdata.jinja index ad54eaa..aa9649c 100644 --- a/sudoers/_mapdata/_mapdata.jinja +++ b/sudoers/_mapdata/_mapdata.jinja @@ -1,9 +1,9 @@ # yamllint disable rule:indentation rule:line-length -# {{ grains.get('osfinger', grains.os) }} +# {{ grains.get("osfinger", grains.os) }} --- {#- use salt.slsutil.serialize to avoid encoding errors on some platforms #} -{{ salt['slsutil.serialize']( - 'yaml', +{{ salt["slsutil.serialize"]( + "yaml", map, default_flow_style=False, allow_unicode=True, diff --git a/sudoers/_mapdata/init.sls b/sudoers/_mapdata/init.sls index a5270eb..ff36d95 100644 --- a/sudoers/_mapdata/init.sls +++ b/sudoers/_mapdata/init.sls @@ -2,13 +2,18 @@ # vim: ft=sls --- {#- Get the `tplroot` from `tpldir` #} -{%- set tplroot = tpldir.split('/')[0] %} -{%- from tplroot ~ "/map.jinja" import sudoers as mapdata with context %} +{%- set tplroot = tpldir.split("/")[0] %} +{%- from tplroot ~ "/map.jinja" import sudoers with context %} -{%- do salt['log.debug']('### MAP.JINJA DUMP ###\n' ~ mapdata | yaml(False)) %} +{%- set _mapdata = { + "values": { + "sudoers": sudoers, + } + } %} +{%- do salt["log.debug"]("### MAP.JINJA DUMP ###\n" ~ _mapdata | yaml(False)) %} -{%- set output_dir = '/temp' if grains.os_family == 'Windows' else '/tmp' %} -{%- set output_file = output_dir ~ '/salt_mapdata_dump.yaml' %} +{%- set output_dir = "/temp" if grains.os_family == "Windows" else "/tmp" %} +{%- set output_file = output_dir ~ "/salt_mapdata_dump.yaml" %} {{ tplroot }}-mapdata-dump: file.managed: @@ -16,4 +21,4 @@ - source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja - template: jinja - context: - map: {{ mapdata | yaml }} + map: {{ _mapdata | yaml }} diff --git a/test/integration/default/controls/_mapdata_spec.rb b/test/integration/default/controls/_mapdata_spec.rb index 2cced0a..6463532 100644 --- a/test/integration/default/controls/_mapdata_spec.rb +++ b/test/integration/default/controls/_mapdata_spec.rb @@ -5,19 +5,43 @@ require 'yaml' control '`map.jinja` YAML dump' do title 'should match the comparison file' + ### Method + # The steps below for each file appear convoluted but they are both required + # and similar in nature: + # 1. The earliest method was to simply compare the files textually but this often + # led to false positives due to inconsistencies (e.g. spacing, ordering) + # 2. The next method was to load the files back into YAML structures and then + # compare but InSpec provided block diffs this way, unusable by end users + # 3. The final step was to dump the YAML structures back into a string to use + # for the comparison; this both worked and provided human-friendly diffs + + ### Comparison file for the specific platform + ### Static, adjusted as part of code contributions, as map data is changed # Strip the `platform[:finger]` version number down to the "OS major release" - mapdata_file = "_mapdata/#{system.platform[:finger].split('.').first}.yaml" + platform_finger = system.platform[:finger].split('.').first.to_s + # Use that to set the path to the file (relative to the InSpec suite directory) + mapdata_file_path = "_mapdata/#{platform_finger}.yaml" + # Load the mapdata from profile, into a YAML structure + # https://docs.chef.io/inspec/profiles/#profile-files + mapdata_file_yaml = YAML.safe_load(inspec.profile.file(mapdata_file_path)) + # Dump the YAML back into a string for comparison + mapdata_file_dump = YAML.dump(mapdata_file_yaml) - # Load the mapdata from profile https://docs.chef.io/inspec/profiles/#profile-files - mapdata_dump = YAML.safe_load(inspec.profile.file(mapdata_file)) - - # Derive the location of the dumped mapdata + ### Output file produced by running the `_mapdata` state + ### Dynamic, generated during Kitchen's `converge` phase + # Derive the location of the dumped mapdata (differs for Windows) output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp' - output_file = "#{output_dir}/salt_mapdata_dump.yaml" + # Use that to set the path to the file (absolute path, i.e. within the container) + output_file_path = "#{output_dir}/salt_mapdata_dump.yaml" + # Load the output into a YAML structure using InSpec's `yaml` resource + # https://github.com/inspec/inspec/blob/49b7d10/lib/inspec/resources/yaml.rb#L29 + output_file_yaml = yaml(output_file_path).params + # Dump the YAML back into a string for comparison + output_file_dump = YAML.dump(output_file_yaml) describe 'File content' do it 'should match profile map data exactly' do - expect(yaml(output_file).params).to eq(mapdata_dump) + expect(output_file_dump).to eq(mapdata_file_dump) end end end diff --git a/test/integration/default/files/_mapdata/amazonlinux-1.yaml b/test/integration/default/files/_mapdata/amazonlinux-1.yaml index 5caf6d5..772626a 100644 --- a/test/integration/default/files/_mapdata/amazonlinux-1.yaml +++ b/test/integration/default/files/_mapdata/amazonlinux-1.yaml @@ -1,69 +1,71 @@ # yamllint disable rule:indentation rule:line-length # Amazon Linux AMI-2018 --- -aliases: - commands: - PROCESSES: - - /usr/bin/nice - - /bin/kill - - /usr/bin/renice - - /usr/bin/pkill - - /usr/bin/top - hosts: - WEBSERVERS: - - www1 - - www2 - - www3 - users: - ADMINS: - - millert - - dowdy - - mikef -arch: amd64 -configpath: /etc -defaults: - command_list: - PROCESSES: noexec - generic: - - env_reset - - mail_badpass - - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - host_list: - www1: log_year, logfile=/var/log/sudo.log - runas_list: - root: '!set_logname' - user_list: - ADMINS: '!lecture' - johndoe: '!requiretty' -execprefix: /usr/sbin -group: root -groups: - sudo: - - ALL=(ALL) ALL - - 'ALL=(nodejs) NOPASSWD: ALL' -included_files: - /etc/sudoers.d/extra-file: - users: - foo: - - ALL=(ALL) ALL - extra-file-2: +values: + sudoers: + aliases: + commands: + PROCESSES: + - /usr/bin/nice + - /bin/kill + - /usr/bin/renice + - /usr/bin/pkill + - /usr/bin/top + hosts: + WEBSERVERS: + - www1 + - www2 + - www3 + users: + ADMINS: + - millert + - dowdy + - mikef + arch: amd64 + configpath: /etc + defaults: + command_list: + PROCESSES: noexec + generic: + - env_reset + - mail_badpass + - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + host_list: + www1: log_year, logfile=/var/log/sudo.log + runas_list: + root: '!set_logname' + user_list: + ADMINS: '!lecture' + johndoe: '!requiretty' + execprefix: /usr/sbin + group: root groups: - bargroup: - - 'ALL=(ALL) NOPASSWD: ALL' - extra-file-3: - netgroups: - other_netgroup: + sudo: - ALL=(ALL) ALL -includedir: /etc/sudoers.d -manage_main_config: true -netgroups: - sysadmins: - - ALL=(ALL) ALL -pkg: sudo -purge_includedir: false -users: - johndoe: - - ALL=(ALL) ALL - - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' - kitchen: - - 'ALL=(root) NOPASSWD: ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' + included_files: + /etc/sudoers.d/extra-file: + users: + foo: + - ALL=(ALL) ALL + extra-file-2: + groups: + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL' + extra-file-3: + netgroups: + other_netgroup: + - ALL=(ALL) ALL + includedir: /etc/sudoers.d + manage_main_config: true + netgroups: + sysadmins: + - ALL=(ALL) ALL + pkg: sudo + purge_includedir: false + users: + johndoe: + - ALL=(ALL) ALL + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' + kitchen: + - 'ALL=(root) NOPASSWD: ALL' diff --git a/test/integration/default/files/_mapdata/amazonlinux-2.yaml b/test/integration/default/files/_mapdata/amazonlinux-2.yaml index 032fb5b..973c605 100644 --- a/test/integration/default/files/_mapdata/amazonlinux-2.yaml +++ b/test/integration/default/files/_mapdata/amazonlinux-2.yaml @@ -1,69 +1,71 @@ # yamllint disable rule:indentation rule:line-length # Amazon Linux-2 --- -aliases: - commands: - PROCESSES: - - /usr/bin/nice - - /bin/kill - - /usr/bin/renice - - /usr/bin/pkill - - /usr/bin/top - hosts: - WEBSERVERS: - - www1 - - www2 - - www3 - users: - ADMINS: - - millert - - dowdy - - mikef -arch: amd64 -configpath: /etc -defaults: - command_list: - PROCESSES: noexec - generic: - - env_reset - - mail_badpass - - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - host_list: - www1: log_year, logfile=/var/log/sudo.log - runas_list: - root: '!set_logname' - user_list: - ADMINS: '!lecture' - johndoe: '!requiretty' -execprefix: /usr/sbin -group: root -groups: - sudo: - - ALL=(ALL) ALL - - 'ALL=(nodejs) NOPASSWD: ALL' -included_files: - /etc/sudoers.d/extra-file: - users: - foo: - - ALL=(ALL) ALL - extra-file-2: +values: + sudoers: + aliases: + commands: + PROCESSES: + - /usr/bin/nice + - /bin/kill + - /usr/bin/renice + - /usr/bin/pkill + - /usr/bin/top + hosts: + WEBSERVERS: + - www1 + - www2 + - www3 + users: + ADMINS: + - millert + - dowdy + - mikef + arch: amd64 + configpath: /etc + defaults: + command_list: + PROCESSES: noexec + generic: + - env_reset + - mail_badpass + - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + host_list: + www1: log_year, logfile=/var/log/sudo.log + runas_list: + root: '!set_logname' + user_list: + ADMINS: '!lecture' + johndoe: '!requiretty' + execprefix: /usr/sbin + group: root groups: - bargroup: - - 'ALL=(ALL) NOPASSWD: ALL' - extra-file-3: - netgroups: - other_netgroup: + sudo: - ALL=(ALL) ALL -includedir: /etc/sudoers.d -manage_main_config: true -netgroups: - sysadmins: - - ALL=(ALL) ALL -pkg: sudo -purge_includedir: false -users: - johndoe: - - ALL=(ALL) ALL - - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' - kitchen: - - 'ALL=(root) NOPASSWD: ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' + included_files: + /etc/sudoers.d/extra-file: + users: + foo: + - ALL=(ALL) ALL + extra-file-2: + groups: + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL' + extra-file-3: + netgroups: + other_netgroup: + - ALL=(ALL) ALL + includedir: /etc/sudoers.d + manage_main_config: true + netgroups: + sysadmins: + - ALL=(ALL) ALL + pkg: sudo + purge_includedir: false + users: + johndoe: + - ALL=(ALL) ALL + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' + kitchen: + - 'ALL=(root) NOPASSWD: ALL' diff --git a/test/integration/default/files/_mapdata/arch-base-latest.yaml b/test/integration/default/files/_mapdata/arch-base-latest.yaml index 0a9406c..e94bddb 100644 --- a/test/integration/default/files/_mapdata/arch-base-latest.yaml +++ b/test/integration/default/files/_mapdata/arch-base-latest.yaml @@ -1,69 +1,71 @@ # yamllint disable rule:indentation rule:line-length # Arch --- -aliases: - commands: - PROCESSES: - - /usr/bin/nice - - /bin/kill - - /usr/bin/renice - - /usr/bin/pkill - - /usr/bin/top - hosts: - WEBSERVERS: - - www1 - - www2 - - www3 - users: - ADMINS: - - millert - - dowdy - - mikef -arch: amd64 -configpath: /etc -defaults: - command_list: - PROCESSES: noexec - generic: - - env_reset - - mail_badpass - - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - host_list: - www1: log_year, logfile=/var/log/sudo.log - runas_list: - root: '!set_logname' - user_list: - ADMINS: '!lecture' - johndoe: '!requiretty' -execprefix: /usr/sbin -group: root -groups: - sudo: - - ALL=(ALL) ALL - - 'ALL=(nodejs) NOPASSWD: ALL' -included_files: - /etc/sudoers.d/extra-file: - users: - foo: - - ALL=(ALL) ALL - extra-file-2: +values: + sudoers: + aliases: + commands: + PROCESSES: + - /usr/bin/nice + - /bin/kill + - /usr/bin/renice + - /usr/bin/pkill + - /usr/bin/top + hosts: + WEBSERVERS: + - www1 + - www2 + - www3 + users: + ADMINS: + - millert + - dowdy + - mikef + arch: amd64 + configpath: /etc + defaults: + command_list: + PROCESSES: noexec + generic: + - env_reset + - mail_badpass + - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + host_list: + www1: log_year, logfile=/var/log/sudo.log + runas_list: + root: '!set_logname' + user_list: + ADMINS: '!lecture' + johndoe: '!requiretty' + execprefix: /usr/sbin + group: root groups: - bargroup: - - 'ALL=(ALL) NOPASSWD: ALL' - extra-file-3: - netgroups: - other_netgroup: + sudo: - ALL=(ALL) ALL -includedir: /etc/sudoers.d -manage_main_config: true -netgroups: - sysadmins: - - ALL=(ALL) ALL -pkg: sudo -purge_includedir: false -users: - johndoe: - - ALL=(ALL) ALL - - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' - kitchen: - - 'ALL=(root) NOPASSWD: ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' + included_files: + /etc/sudoers.d/extra-file: + users: + foo: + - ALL=(ALL) ALL + extra-file-2: + groups: + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL' + extra-file-3: + netgroups: + other_netgroup: + - ALL=(ALL) ALL + includedir: /etc/sudoers.d + manage_main_config: true + netgroups: + sysadmins: + - ALL=(ALL) ALL + pkg: sudo + purge_includedir: false + users: + johndoe: + - ALL=(ALL) ALL + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' + kitchen: + - 'ALL=(root) NOPASSWD: ALL' diff --git a/test/integration/default/files/_mapdata/centos-6.yaml b/test/integration/default/files/_mapdata/centos-6.yaml index cc7a84e..a905fb1 100644 --- a/test/integration/default/files/_mapdata/centos-6.yaml +++ b/test/integration/default/files/_mapdata/centos-6.yaml @@ -1,69 +1,71 @@ # yamllint disable rule:indentation rule:line-length # CentOS-6 --- -aliases: - commands: - PROCESSES: - - /usr/bin/nice - - /bin/kill - - /usr/bin/renice - - /usr/bin/pkill - - /usr/bin/top - hosts: - WEBSERVERS: - - www1 - - www2 - - www3 - users: - ADMINS: - - millert - - dowdy - - mikef -arch: amd64 -configpath: /etc -defaults: - command_list: - PROCESSES: noexec - generic: - - env_reset - - mail_badpass - - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - host_list: - www1: log_year, logfile=/var/log/sudo.log - runas_list: - root: '!set_logname' - user_list: - ADMINS: '!lecture' - johndoe: '!requiretty' -execprefix: /usr/sbin -group: root -groups: - sudo: - - ALL=(ALL) ALL - - 'ALL=(nodejs) NOPASSWD: ALL' -included_files: - /etc/sudoers.d/extra-file: - users: - foo: - - ALL=(ALL) ALL - extra-file-2: +values: + sudoers: + aliases: + commands: + PROCESSES: + - /usr/bin/nice + - /bin/kill + - /usr/bin/renice + - /usr/bin/pkill + - /usr/bin/top + hosts: + WEBSERVERS: + - www1 + - www2 + - www3 + users: + ADMINS: + - millert + - dowdy + - mikef + arch: amd64 + configpath: /etc + defaults: + command_list: + PROCESSES: noexec + generic: + - env_reset + - mail_badpass + - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + host_list: + www1: log_year, logfile=/var/log/sudo.log + runas_list: + root: '!set_logname' + user_list: + ADMINS: '!lecture' + johndoe: '!requiretty' + execprefix: /usr/sbin + group: root groups: - bargroup: - - 'ALL=(ALL) NOPASSWD: ALL' - extra-file-3: - netgroups: - other_netgroup: + sudo: - ALL=(ALL) ALL -includedir: /etc/sudoers.d -manage_main_config: true -netgroups: - sysadmins: - - ALL=(ALL) ALL -pkg: sudo -purge_includedir: false -users: - johndoe: - - ALL=(ALL) ALL - - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' - kitchen: - - 'ALL=(root) NOPASSWD: ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' + included_files: + /etc/sudoers.d/extra-file: + users: + foo: + - ALL=(ALL) ALL + extra-file-2: + groups: + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL' + extra-file-3: + netgroups: + other_netgroup: + - ALL=(ALL) ALL + includedir: /etc/sudoers.d + manage_main_config: true + netgroups: + sysadmins: + - ALL=(ALL) ALL + pkg: sudo + purge_includedir: false + users: + johndoe: + - ALL=(ALL) ALL + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' + kitchen: + - 'ALL=(root) NOPASSWD: ALL' diff --git a/test/integration/default/files/_mapdata/centos-7.yaml b/test/integration/default/files/_mapdata/centos-7.yaml index d075933..2415e45 100644 --- a/test/integration/default/files/_mapdata/centos-7.yaml +++ b/test/integration/default/files/_mapdata/centos-7.yaml @@ -1,69 +1,71 @@ # yamllint disable rule:indentation rule:line-length # CentOS Linux-7 --- -aliases: - commands: - PROCESSES: - - /usr/bin/nice - - /bin/kill - - /usr/bin/renice - - /usr/bin/pkill - - /usr/bin/top - hosts: - WEBSERVERS: - - www1 - - www2 - - www3 - users: - ADMINS: - - millert - - dowdy - - mikef -arch: amd64 -configpath: /etc -defaults: - command_list: - PROCESSES: noexec - generic: - - env_reset - - mail_badpass - - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - host_list: - www1: log_year, logfile=/var/log/sudo.log - runas_list: - root: '!set_logname' - user_list: - ADMINS: '!lecture' - johndoe: '!requiretty' -execprefix: /usr/sbin -group: root -groups: - sudo: - - ALL=(ALL) ALL - - 'ALL=(nodejs) NOPASSWD: ALL' -included_files: - /etc/sudoers.d/extra-file: - users: - foo: - - ALL=(ALL) ALL - extra-file-2: +values: + sudoers: + aliases: + commands: + PROCESSES: + - /usr/bin/nice + - /bin/kill + - /usr/bin/renice + - /usr/bin/pkill + - /usr/bin/top + hosts: + WEBSERVERS: + - www1 + - www2 + - www3 + users: + ADMINS: + - millert + - dowdy + - mikef + arch: amd64 + configpath: /etc + defaults: + command_list: + PROCESSES: noexec + generic: + - env_reset + - mail_badpass + - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + host_list: + www1: log_year, logfile=/var/log/sudo.log + runas_list: + root: '!set_logname' + user_list: + ADMINS: '!lecture' + johndoe: '!requiretty' + execprefix: /usr/sbin + group: root groups: - bargroup: - - 'ALL=(ALL) NOPASSWD: ALL' - extra-file-3: - netgroups: - other_netgroup: + sudo: - ALL=(ALL) ALL -includedir: /etc/sudoers.d -manage_main_config: true -netgroups: - sysadmins: - - ALL=(ALL) ALL -pkg: sudo -purge_includedir: false -users: - johndoe: - - ALL=(ALL) ALL - - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' - kitchen: - - 'ALL=(root) NOPASSWD: ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' + included_files: + /etc/sudoers.d/extra-file: + users: + foo: + - ALL=(ALL) ALL + extra-file-2: + groups: + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL' + extra-file-3: + netgroups: + other_netgroup: + - ALL=(ALL) ALL + includedir: /etc/sudoers.d + manage_main_config: true + netgroups: + sysadmins: + - ALL=(ALL) ALL + pkg: sudo + purge_includedir: false + users: + johndoe: + - ALL=(ALL) ALL + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' + kitchen: + - 'ALL=(root) NOPASSWD: ALL' diff --git a/test/integration/default/files/_mapdata/centos-8.yaml b/test/integration/default/files/_mapdata/centos-8.yaml index 38f574d..2671e08 100644 --- a/test/integration/default/files/_mapdata/centos-8.yaml +++ b/test/integration/default/files/_mapdata/centos-8.yaml @@ -1,69 +1,71 @@ # yamllint disable rule:indentation rule:line-length # CentOS Linux-8 --- -aliases: - commands: - PROCESSES: - - /usr/bin/nice - - /bin/kill - - /usr/bin/renice - - /usr/bin/pkill - - /usr/bin/top - hosts: - WEBSERVERS: - - www1 - - www2 - - www3 - users: - ADMINS: - - millert - - dowdy - - mikef -arch: amd64 -configpath: /etc -defaults: - command_list: - PROCESSES: noexec - generic: - - env_reset - - mail_badpass - - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - host_list: - www1: log_year, logfile=/var/log/sudo.log - runas_list: - root: '!set_logname' - user_list: - ADMINS: '!lecture' - johndoe: '!requiretty' -execprefix: /usr/sbin -group: root -groups: - sudo: - - ALL=(ALL) ALL - - 'ALL=(nodejs) NOPASSWD: ALL' -included_files: - /etc/sudoers.d/extra-file: - users: - foo: - - ALL=(ALL) ALL - extra-file-2: +values: + sudoers: + aliases: + commands: + PROCESSES: + - /usr/bin/nice + - /bin/kill + - /usr/bin/renice + - /usr/bin/pkill + - /usr/bin/top + hosts: + WEBSERVERS: + - www1 + - www2 + - www3 + users: + ADMINS: + - millert + - dowdy + - mikef + arch: amd64 + configpath: /etc + defaults: + command_list: + PROCESSES: noexec + generic: + - env_reset + - mail_badpass + - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + host_list: + www1: log_year, logfile=/var/log/sudo.log + runas_list: + root: '!set_logname' + user_list: + ADMINS: '!lecture' + johndoe: '!requiretty' + execprefix: /usr/sbin + group: root groups: - bargroup: - - 'ALL=(ALL) NOPASSWD: ALL' - extra-file-3: - netgroups: - other_netgroup: + sudo: - ALL=(ALL) ALL -includedir: /etc/sudoers.d -manage_main_config: true -netgroups: - sysadmins: - - ALL=(ALL) ALL -pkg: sudo -purge_includedir: false -users: - johndoe: - - ALL=(ALL) ALL - - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' - kitchen: - - 'ALL=(root) NOPASSWD: ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' + included_files: + /etc/sudoers.d/extra-file: + users: + foo: + - ALL=(ALL) ALL + extra-file-2: + groups: + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL' + extra-file-3: + netgroups: + other_netgroup: + - ALL=(ALL) ALL + includedir: /etc/sudoers.d + manage_main_config: true + netgroups: + sysadmins: + - ALL=(ALL) ALL + pkg: sudo + purge_includedir: false + users: + johndoe: + - ALL=(ALL) ALL + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' + kitchen: + - 'ALL=(root) NOPASSWD: ALL' diff --git a/test/integration/default/files/_mapdata/debian-10.yaml b/test/integration/default/files/_mapdata/debian-10.yaml index a1d3032..35965e9 100644 --- a/test/integration/default/files/_mapdata/debian-10.yaml +++ b/test/integration/default/files/_mapdata/debian-10.yaml @@ -1,69 +1,71 @@ # yamllint disable rule:indentation rule:line-length # Debian-10 --- -aliases: - commands: - PROCESSES: - - /usr/bin/nice - - /bin/kill - - /usr/bin/renice - - /usr/bin/pkill - - /usr/bin/top - hosts: - WEBSERVERS: - - www1 - - www2 - - www3 - users: - ADMINS: - - millert - - dowdy - - mikef -arch: amd64 -configpath: /etc -defaults: - command_list: - PROCESSES: noexec - generic: - - env_reset - - mail_badpass - - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - host_list: - www1: log_year, logfile=/var/log/sudo.log - runas_list: - root: '!set_logname' - user_list: - ADMINS: '!lecture' - johndoe: '!requiretty' -execprefix: /usr/sbin -group: root -groups: - sudo: - - ALL=(ALL) ALL - - 'ALL=(nodejs) NOPASSWD: ALL' -included_files: - /etc/sudoers.d/extra-file: - users: - foo: - - ALL=(ALL) ALL - extra-file-2: +values: + sudoers: + aliases: + commands: + PROCESSES: + - /usr/bin/nice + - /bin/kill + - /usr/bin/renice + - /usr/bin/pkill + - /usr/bin/top + hosts: + WEBSERVERS: + - www1 + - www2 + - www3 + users: + ADMINS: + - millert + - dowdy + - mikef + arch: amd64 + configpath: /etc + defaults: + command_list: + PROCESSES: noexec + generic: + - env_reset + - mail_badpass + - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + host_list: + www1: log_year, logfile=/var/log/sudo.log + runas_list: + root: '!set_logname' + user_list: + ADMINS: '!lecture' + johndoe: '!requiretty' + execprefix: /usr/sbin + group: root groups: - bargroup: - - 'ALL=(ALL) NOPASSWD: ALL' - extra-file-3: - netgroups: - other_netgroup: + sudo: - ALL=(ALL) ALL -includedir: /etc/sudoers.d -manage_main_config: true -netgroups: - sysadmins: - - ALL=(ALL) ALL -pkg: sudo -purge_includedir: false -users: - johndoe: - - ALL=(ALL) ALL - - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' - kitchen: - - 'ALL=(root) NOPASSWD: ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' + included_files: + /etc/sudoers.d/extra-file: + users: + foo: + - ALL=(ALL) ALL + extra-file-2: + groups: + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL' + extra-file-3: + netgroups: + other_netgroup: + - ALL=(ALL) ALL + includedir: /etc/sudoers.d + manage_main_config: true + netgroups: + sysadmins: + - ALL=(ALL) ALL + pkg: sudo + purge_includedir: false + users: + johndoe: + - ALL=(ALL) ALL + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' + kitchen: + - 'ALL=(root) NOPASSWD: ALL' diff --git a/test/integration/default/files/_mapdata/debian-9.yaml b/test/integration/default/files/_mapdata/debian-9.yaml index f386a43..867ff5c 100644 --- a/test/integration/default/files/_mapdata/debian-9.yaml +++ b/test/integration/default/files/_mapdata/debian-9.yaml @@ -1,69 +1,71 @@ # yamllint disable rule:indentation rule:line-length # Debian-9 --- -aliases: - commands: - PROCESSES: - - /usr/bin/nice - - /bin/kill - - /usr/bin/renice - - /usr/bin/pkill - - /usr/bin/top - hosts: - WEBSERVERS: - - www1 - - www2 - - www3 - users: - ADMINS: - - millert - - dowdy - - mikef -arch: amd64 -configpath: /etc -defaults: - command_list: - PROCESSES: noexec - generic: - - env_reset - - mail_badpass - - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - host_list: - www1: log_year, logfile=/var/log/sudo.log - runas_list: - root: '!set_logname' - user_list: - ADMINS: '!lecture' - johndoe: '!requiretty' -execprefix: /usr/sbin -group: root -groups: - sudo: - - ALL=(ALL) ALL - - 'ALL=(nodejs) NOPASSWD: ALL' -included_files: - /etc/sudoers.d/extra-file: - users: - foo: - - ALL=(ALL) ALL - extra-file-2: +values: + sudoers: + aliases: + commands: + PROCESSES: + - /usr/bin/nice + - /bin/kill + - /usr/bin/renice + - /usr/bin/pkill + - /usr/bin/top + hosts: + WEBSERVERS: + - www1 + - www2 + - www3 + users: + ADMINS: + - millert + - dowdy + - mikef + arch: amd64 + configpath: /etc + defaults: + command_list: + PROCESSES: noexec + generic: + - env_reset + - mail_badpass + - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + host_list: + www1: log_year, logfile=/var/log/sudo.log + runas_list: + root: '!set_logname' + user_list: + ADMINS: '!lecture' + johndoe: '!requiretty' + execprefix: /usr/sbin + group: root groups: - bargroup: - - 'ALL=(ALL) NOPASSWD: ALL' - extra-file-3: - netgroups: - other_netgroup: + sudo: - ALL=(ALL) ALL -includedir: /etc/sudoers.d -manage_main_config: true -netgroups: - sysadmins: - - ALL=(ALL) ALL -pkg: sudo -purge_includedir: false -users: - johndoe: - - ALL=(ALL) ALL - - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' - kitchen: - - 'ALL=(root) NOPASSWD: ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' + included_files: + /etc/sudoers.d/extra-file: + users: + foo: + - ALL=(ALL) ALL + extra-file-2: + groups: + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL' + extra-file-3: + netgroups: + other_netgroup: + - ALL=(ALL) ALL + includedir: /etc/sudoers.d + manage_main_config: true + netgroups: + sysadmins: + - ALL=(ALL) ALL + pkg: sudo + purge_includedir: false + users: + johndoe: + - ALL=(ALL) ALL + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' + kitchen: + - 'ALL=(root) NOPASSWD: ALL' diff --git a/test/integration/default/files/_mapdata/fedora-31.yaml b/test/integration/default/files/_mapdata/fedora-31.yaml index dc1c7c5..396216e 100644 --- a/test/integration/default/files/_mapdata/fedora-31.yaml +++ b/test/integration/default/files/_mapdata/fedora-31.yaml @@ -1,69 +1,71 @@ # yamllint disable rule:indentation rule:line-length # Fedora-31 --- -aliases: - commands: - PROCESSES: - - /usr/bin/nice - - /bin/kill - - /usr/bin/renice - - /usr/bin/pkill - - /usr/bin/top - hosts: - WEBSERVERS: - - www1 - - www2 - - www3 - users: - ADMINS: - - millert - - dowdy - - mikef -arch: amd64 -configpath: /etc -defaults: - command_list: - PROCESSES: noexec - generic: - - env_reset - - mail_badpass - - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - host_list: - www1: log_year, logfile=/var/log/sudo.log - runas_list: - root: '!set_logname' - user_list: - ADMINS: '!lecture' - johndoe: '!requiretty' -execprefix: /usr/sbin -group: root -groups: - sudo: - - ALL=(ALL) ALL - - 'ALL=(nodejs) NOPASSWD: ALL' -included_files: - /etc/sudoers.d/extra-file: - users: - foo: - - ALL=(ALL) ALL - extra-file-2: +values: + sudoers: + aliases: + commands: + PROCESSES: + - /usr/bin/nice + - /bin/kill + - /usr/bin/renice + - /usr/bin/pkill + - /usr/bin/top + hosts: + WEBSERVERS: + - www1 + - www2 + - www3 + users: + ADMINS: + - millert + - dowdy + - mikef + arch: amd64 + configpath: /etc + defaults: + command_list: + PROCESSES: noexec + generic: + - env_reset + - mail_badpass + - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + host_list: + www1: log_year, logfile=/var/log/sudo.log + runas_list: + root: '!set_logname' + user_list: + ADMINS: '!lecture' + johndoe: '!requiretty' + execprefix: /usr/sbin + group: root groups: - bargroup: - - 'ALL=(ALL) NOPASSWD: ALL' - extra-file-3: - netgroups: - other_netgroup: + sudo: - ALL=(ALL) ALL -includedir: /etc/sudoers.d -manage_main_config: true -netgroups: - sysadmins: - - ALL=(ALL) ALL -pkg: sudo -purge_includedir: false -users: - johndoe: - - ALL=(ALL) ALL - - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' - kitchen: - - 'ALL=(root) NOPASSWD: ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' + included_files: + /etc/sudoers.d/extra-file: + users: + foo: + - ALL=(ALL) ALL + extra-file-2: + groups: + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL' + extra-file-3: + netgroups: + other_netgroup: + - ALL=(ALL) ALL + includedir: /etc/sudoers.d + manage_main_config: true + netgroups: + sysadmins: + - ALL=(ALL) ALL + pkg: sudo + purge_includedir: false + users: + johndoe: + - ALL=(ALL) ALL + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' + kitchen: + - 'ALL=(root) NOPASSWD: ALL' diff --git a/test/integration/default/files/_mapdata/fedora-32.yaml b/test/integration/default/files/_mapdata/fedora-32.yaml index 785cd50..c40ee0b 100644 --- a/test/integration/default/files/_mapdata/fedora-32.yaml +++ b/test/integration/default/files/_mapdata/fedora-32.yaml @@ -1,69 +1,71 @@ # yamllint disable rule:indentation rule:line-length # Fedora-32 --- -aliases: - commands: - PROCESSES: - - /usr/bin/nice - - /bin/kill - - /usr/bin/renice - - /usr/bin/pkill - - /usr/bin/top - hosts: - WEBSERVERS: - - www1 - - www2 - - www3 - users: - ADMINS: - - millert - - dowdy - - mikef -arch: amd64 -configpath: /etc -defaults: - command_list: - PROCESSES: noexec - generic: - - env_reset - - mail_badpass - - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - host_list: - www1: log_year, logfile=/var/log/sudo.log - runas_list: - root: '!set_logname' - user_list: - ADMINS: '!lecture' - johndoe: '!requiretty' -execprefix: /usr/sbin -group: root -groups: - sudo: - - ALL=(ALL) ALL - - 'ALL=(nodejs) NOPASSWD: ALL' -included_files: - /etc/sudoers.d/extra-file: - users: - foo: - - ALL=(ALL) ALL - extra-file-2: +values: + sudoers: + aliases: + commands: + PROCESSES: + - /usr/bin/nice + - /bin/kill + - /usr/bin/renice + - /usr/bin/pkill + - /usr/bin/top + hosts: + WEBSERVERS: + - www1 + - www2 + - www3 + users: + ADMINS: + - millert + - dowdy + - mikef + arch: amd64 + configpath: /etc + defaults: + command_list: + PROCESSES: noexec + generic: + - env_reset + - mail_badpass + - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + host_list: + www1: log_year, logfile=/var/log/sudo.log + runas_list: + root: '!set_logname' + user_list: + ADMINS: '!lecture' + johndoe: '!requiretty' + execprefix: /usr/sbin + group: root groups: - bargroup: - - 'ALL=(ALL) NOPASSWD: ALL' - extra-file-3: - netgroups: - other_netgroup: + sudo: - ALL=(ALL) ALL -includedir: /etc/sudoers.d -manage_main_config: true -netgroups: - sysadmins: - - ALL=(ALL) ALL -pkg: sudo -purge_includedir: false -users: - johndoe: - - ALL=(ALL) ALL - - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' - kitchen: - - 'ALL=(root) NOPASSWD: ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' + included_files: + /etc/sudoers.d/extra-file: + users: + foo: + - ALL=(ALL) ALL + extra-file-2: + groups: + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL' + extra-file-3: + netgroups: + other_netgroup: + - ALL=(ALL) ALL + includedir: /etc/sudoers.d + manage_main_config: true + netgroups: + sysadmins: + - ALL=(ALL) ALL + pkg: sudo + purge_includedir: false + users: + johndoe: + - ALL=(ALL) ALL + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' + kitchen: + - 'ALL=(root) NOPASSWD: ALL' diff --git a/test/integration/default/files/_mapdata/opensuse-15.yaml b/test/integration/default/files/_mapdata/opensuse-15.yaml index c21354e..e22f89b 100644 --- a/test/integration/default/files/_mapdata/opensuse-15.yaml +++ b/test/integration/default/files/_mapdata/opensuse-15.yaml @@ -1,69 +1,71 @@ # yamllint disable rule:indentation rule:line-length # Leap-15 --- -aliases: - commands: - PROCESSES: - - /usr/bin/nice - - /bin/kill - - /usr/bin/renice - - /usr/bin/pkill - - /usr/bin/top - hosts: - WEBSERVERS: - - www1 - - www2 - - www3 - users: - ADMINS: - - millert - - dowdy - - mikef -arch: amd64 -configpath: /etc -defaults: - command_list: - PROCESSES: noexec - generic: - - env_reset - - mail_badpass - - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - host_list: - www1: log_year, logfile=/var/log/sudo.log - runas_list: - root: '!set_logname' - user_list: - ADMINS: '!lecture' - johndoe: '!requiretty' -execprefix: /usr/sbin -group: root -groups: - sudo: - - ALL=(ALL) ALL - - 'ALL=(nodejs) NOPASSWD: ALL' -included_files: - /etc/sudoers.d/extra-file: - users: - foo: - - ALL=(ALL) ALL - extra-file-2: +values: + sudoers: + aliases: + commands: + PROCESSES: + - /usr/bin/nice + - /bin/kill + - /usr/bin/renice + - /usr/bin/pkill + - /usr/bin/top + hosts: + WEBSERVERS: + - www1 + - www2 + - www3 + users: + ADMINS: + - millert + - dowdy + - mikef + arch: amd64 + configpath: /etc + defaults: + command_list: + PROCESSES: noexec + generic: + - env_reset + - mail_badpass + - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + host_list: + www1: log_year, logfile=/var/log/sudo.log + runas_list: + root: '!set_logname' + user_list: + ADMINS: '!lecture' + johndoe: '!requiretty' + execprefix: /usr/sbin + group: root groups: - bargroup: - - 'ALL=(ALL) NOPASSWD: ALL' - extra-file-3: - netgroups: - other_netgroup: + sudo: - ALL=(ALL) ALL -includedir: /etc/sudoers.d -manage_main_config: true -netgroups: - sysadmins: - - ALL=(ALL) ALL -pkg: sudo -purge_includedir: false -users: - johndoe: - - ALL=(ALL) ALL - - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' - kitchen: - - 'ALL=(root) NOPASSWD: ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' + included_files: + /etc/sudoers.d/extra-file: + users: + foo: + - ALL=(ALL) ALL + extra-file-2: + groups: + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL' + extra-file-3: + netgroups: + other_netgroup: + - ALL=(ALL) ALL + includedir: /etc/sudoers.d + manage_main_config: true + netgroups: + sysadmins: + - ALL=(ALL) ALL + pkg: sudo + purge_includedir: false + users: + johndoe: + - ALL=(ALL) ALL + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' + kitchen: + - 'ALL=(root) NOPASSWD: ALL' diff --git a/test/integration/default/files/_mapdata/ubuntu-16.yaml b/test/integration/default/files/_mapdata/ubuntu-16.yaml index 2c61653..ddc982a 100644 --- a/test/integration/default/files/_mapdata/ubuntu-16.yaml +++ b/test/integration/default/files/_mapdata/ubuntu-16.yaml @@ -1,69 +1,71 @@ # yamllint disable rule:indentation rule:line-length # Ubuntu-16.04 --- -aliases: - commands: - PROCESSES: - - /usr/bin/nice - - /bin/kill - - /usr/bin/renice - - /usr/bin/pkill - - /usr/bin/top - hosts: - WEBSERVERS: - - www1 - - www2 - - www3 - users: - ADMINS: - - millert - - dowdy - - mikef -arch: amd64 -configpath: /etc -defaults: - command_list: - PROCESSES: noexec - generic: - - env_reset - - mail_badpass - - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - host_list: - www1: log_year, logfile=/var/log/sudo.log - runas_list: - root: '!set_logname' - user_list: - ADMINS: '!lecture' - johndoe: '!requiretty' -execprefix: /usr/sbin -group: root -groups: - sudo: - - ALL=(ALL) ALL - - 'ALL=(nodejs) NOPASSWD: ALL' -included_files: - /etc/sudoers.d/extra-file: - users: - foo: - - ALL=(ALL) ALL - extra-file-2: +values: + sudoers: + aliases: + commands: + PROCESSES: + - /usr/bin/nice + - /bin/kill + - /usr/bin/renice + - /usr/bin/pkill + - /usr/bin/top + hosts: + WEBSERVERS: + - www1 + - www2 + - www3 + users: + ADMINS: + - millert + - dowdy + - mikef + arch: amd64 + configpath: /etc + defaults: + command_list: + PROCESSES: noexec + generic: + - env_reset + - mail_badpass + - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + host_list: + www1: log_year, logfile=/var/log/sudo.log + runas_list: + root: '!set_logname' + user_list: + ADMINS: '!lecture' + johndoe: '!requiretty' + execprefix: /usr/sbin + group: root groups: - bargroup: - - 'ALL=(ALL) NOPASSWD: ALL' - extra-file-3: - netgroups: - other_netgroup: + sudo: - ALL=(ALL) ALL -includedir: /etc/sudoers.d -manage_main_config: true -netgroups: - sysadmins: - - ALL=(ALL) ALL -pkg: sudo -purge_includedir: false -users: - johndoe: - - ALL=(ALL) ALL - - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' - kitchen: - - 'ALL=(root) NOPASSWD: ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' + included_files: + /etc/sudoers.d/extra-file: + users: + foo: + - ALL=(ALL) ALL + extra-file-2: + groups: + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL' + extra-file-3: + netgroups: + other_netgroup: + - ALL=(ALL) ALL + includedir: /etc/sudoers.d + manage_main_config: true + netgroups: + sysadmins: + - ALL=(ALL) ALL + pkg: sudo + purge_includedir: false + users: + johndoe: + - ALL=(ALL) ALL + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' + kitchen: + - 'ALL=(root) NOPASSWD: ALL' diff --git a/test/integration/default/files/_mapdata/ubuntu-18.yaml b/test/integration/default/files/_mapdata/ubuntu-18.yaml index 646c083..6069a03 100644 --- a/test/integration/default/files/_mapdata/ubuntu-18.yaml +++ b/test/integration/default/files/_mapdata/ubuntu-18.yaml @@ -1,69 +1,71 @@ # yamllint disable rule:indentation rule:line-length # Ubuntu-18.04 --- -aliases: - commands: - PROCESSES: - - /usr/bin/nice - - /bin/kill - - /usr/bin/renice - - /usr/bin/pkill - - /usr/bin/top - hosts: - WEBSERVERS: - - www1 - - www2 - - www3 - users: - ADMINS: - - millert - - dowdy - - mikef -arch: amd64 -configpath: /etc -defaults: - command_list: - PROCESSES: noexec - generic: - - env_reset - - mail_badpass - - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - host_list: - www1: log_year, logfile=/var/log/sudo.log - runas_list: - root: '!set_logname' - user_list: - ADMINS: '!lecture' - johndoe: '!requiretty' -execprefix: /usr/sbin -group: root -groups: - sudo: - - ALL=(ALL) ALL - - 'ALL=(nodejs) NOPASSWD: ALL' -included_files: - /etc/sudoers.d/extra-file: - users: - foo: - - ALL=(ALL) ALL - extra-file-2: +values: + sudoers: + aliases: + commands: + PROCESSES: + - /usr/bin/nice + - /bin/kill + - /usr/bin/renice + - /usr/bin/pkill + - /usr/bin/top + hosts: + WEBSERVERS: + - www1 + - www2 + - www3 + users: + ADMINS: + - millert + - dowdy + - mikef + arch: amd64 + configpath: /etc + defaults: + command_list: + PROCESSES: noexec + generic: + - env_reset + - mail_badpass + - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + host_list: + www1: log_year, logfile=/var/log/sudo.log + runas_list: + root: '!set_logname' + user_list: + ADMINS: '!lecture' + johndoe: '!requiretty' + execprefix: /usr/sbin + group: root groups: - bargroup: - - 'ALL=(ALL) NOPASSWD: ALL' - extra-file-3: - netgroups: - other_netgroup: + sudo: - ALL=(ALL) ALL -includedir: /etc/sudoers.d -manage_main_config: true -netgroups: - sysadmins: - - ALL=(ALL) ALL -pkg: sudo -purge_includedir: false -users: - johndoe: - - ALL=(ALL) ALL - - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' - kitchen: - - 'ALL=(root) NOPASSWD: ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' + included_files: + /etc/sudoers.d/extra-file: + users: + foo: + - ALL=(ALL) ALL + extra-file-2: + groups: + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL' + extra-file-3: + netgroups: + other_netgroup: + - ALL=(ALL) ALL + includedir: /etc/sudoers.d + manage_main_config: true + netgroups: + sysadmins: + - ALL=(ALL) ALL + pkg: sudo + purge_includedir: false + users: + johndoe: + - ALL=(ALL) ALL + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' + kitchen: + - 'ALL=(root) NOPASSWD: ALL' diff --git a/test/integration/default/files/_mapdata/ubuntu-20.yaml b/test/integration/default/files/_mapdata/ubuntu-20.yaml index c9fe179..7cde531 100644 --- a/test/integration/default/files/_mapdata/ubuntu-20.yaml +++ b/test/integration/default/files/_mapdata/ubuntu-20.yaml @@ -1,69 +1,71 @@ # yamllint disable rule:indentation rule:line-length # Ubuntu-20.04 --- -aliases: - commands: - PROCESSES: - - /usr/bin/nice - - /bin/kill - - /usr/bin/renice - - /usr/bin/pkill - - /usr/bin/top - hosts: - WEBSERVERS: - - www1 - - www2 - - www3 - users: - ADMINS: - - millert - - dowdy - - mikef -arch: amd64 -configpath: /etc -defaults: - command_list: - PROCESSES: noexec - generic: - - env_reset - - mail_badpass - - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - host_list: - www1: log_year, logfile=/var/log/sudo.log - runas_list: - root: '!set_logname' - user_list: - ADMINS: '!lecture' - johndoe: '!requiretty' -execprefix: /usr/sbin -group: root -groups: - sudo: - - ALL=(ALL) ALL - - 'ALL=(nodejs) NOPASSWD: ALL' -included_files: - /etc/sudoers.d/extra-file: - users: - foo: - - ALL=(ALL) ALL - extra-file-2: +values: + sudoers: + aliases: + commands: + PROCESSES: + - /usr/bin/nice + - /bin/kill + - /usr/bin/renice + - /usr/bin/pkill + - /usr/bin/top + hosts: + WEBSERVERS: + - www1 + - www2 + - www3 + users: + ADMINS: + - millert + - dowdy + - mikef + arch: amd64 + configpath: /etc + defaults: + command_list: + PROCESSES: noexec + generic: + - env_reset + - mail_badpass + - secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + host_list: + www1: log_year, logfile=/var/log/sudo.log + runas_list: + root: '!set_logname' + user_list: + ADMINS: '!lecture' + johndoe: '!requiretty' + execprefix: /usr/sbin + group: root groups: - bargroup: - - 'ALL=(ALL) NOPASSWD: ALL' - extra-file-3: - netgroups: - other_netgroup: + sudo: - ALL=(ALL) ALL -includedir: /etc/sudoers.d -manage_main_config: true -netgroups: - sysadmins: - - ALL=(ALL) ALL -pkg: sudo -purge_includedir: false -users: - johndoe: - - ALL=(ALL) ALL - - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' - kitchen: - - 'ALL=(root) NOPASSWD: ALL' + - 'ALL=(nodejs) NOPASSWD: ALL' + included_files: + /etc/sudoers.d/extra-file: + users: + foo: + - ALL=(ALL) ALL + extra-file-2: + groups: + bargroup: + - 'ALL=(ALL) NOPASSWD: ALL' + extra-file-3: + netgroups: + other_netgroup: + - ALL=(ALL) ALL + includedir: /etc/sudoers.d + manage_main_config: true + netgroups: + sysadmins: + - ALL=(ALL) ALL + pkg: sudo + purge_includedir: false + users: + johndoe: + - ALL=(ALL) ALL + - 'ALL=(root) NOPASSWD: /etc/init.d/httpd' + kitchen: + - 'ALL=(root) NOPASSWD: ALL'