Merge pull request #4 from carlosperello/master

Added support for managing included files
This commit is contained in:
Joseph Hall 2014-02-16 06:26:40 -07:00
commit 66ff6d8fee
7 changed files with 66 additions and 21 deletions

2
AUTHORS Normal file
View File

@ -0,0 +1,2 @@
Kenneth Wilke <kenneth.wilke@rackspace.com>
Carlos Perelló Marín <carlos@pemas.net>

22
LICENSE
View File

@ -1,15 +1,13 @@
epel
====
Copyright (c) 2013-2014 Salt Stack Formulas
Install the EPEL RPM and GPG key on RHEL 5/6 or CentOS 5/6.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
.. note::
http://www.apache.org/licenses/LICENSE-2.0
See the full `Salt Formulas installation and usage instructions
<http://docs.saltstack.com/topics/conventions/formulas.html>`_.
Available states
----------------
``epel``
Installs the GPG key and EPEL RPM package for the current OS.
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

View File

@ -1,7 +1,7 @@
sudoers
=======
Set up the sudoers file
Set up sudo and the sudoers included files.
.. note::
@ -13,3 +13,6 @@ Available states
``sudoers``
Set up the sudoers file
``sudoers.included``
Set up an additional sudoers included file

View File

@ -26,3 +26,9 @@ sudoers:
- /usr/bin/pkill
- /usr/bin/top
includedir: /etc/sudoers.d
included_files:
/etc/sudoers.d/extra-file:
users:
foo: 'ALL=(ALL) ALL'
groups:
bargroup: 'ALL=(ALL) NOPASSWD: ALL'

View File

@ -1,13 +1,30 @@
{% set sudoers = pillar.get('sudoers', {}) %}
{%- set defaults = sudoers.get('defaults', []) %}
{%- if (not included) %}
{%- set sudoers = pillar.get('sudoers', {}) %}
{%- if grains['os_family'] == 'Debian' %}
{%- set defaults = sudoers.get('defaults', [
'env_reset',
'mail_badpass',
'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"'
]) %}
{%- set users = sudoers.get('users', {'root': 'ALL=(ALL:ALL) ALL'}) %}
{%- set groups = sudoers.get('groups', {'sudo': 'ALL=(ALL:ALL) ALL'}) %}
{%- else %}
{%- set defaults = sudoers.get('defaults', []) %}
{%- set users = sudoers.get('users', {}) %}
{%- set groups = sudoers.get('groups', {}) %}
{%- endif %}
{%- set includedir = sudoers.get('includedir', '/etc/sudoers.d') -%}
{%- else %}
{%- set defaults = sudoers.get('defaults', []) %}
{%- set users = sudoers.get('users', {}) %}
{%- set groups = sudoers.get('groups', {}) %}
{%- set includedir = sudoers.get('includedir', None) %}
{%- endif %}
{%- set aliases = sudoers.get('aliases', {}) %}
{%- set host_aliases = aliases.get('hosts', {}) %}
{%- set user_aliases = aliases.get('users', {}) %}
{%- set command_aliases = aliases.get('commands', {}) %}
{%- set runas_aliases = aliases.get('runas', {}) %}
{%- set users = sudoers.get('users', {}) %}
{%- set groups = sudoers.get('groups', {}) %}
{%- set includedir = sudoers.get('includedir', None) -%}
{%- set runas_aliases = aliases.get('runas', {}) -%}
#
# This file is managed by salt
#
@ -47,6 +64,4 @@ Runas_Alias {{ name }} = {{ ",".join(runas) }}
{% if includedir %}
#includedir {{ includedir }}
{% else %}
#includedir /etc/sudoers.d
{% endif %}

19
sudoers/included.sls Normal file
View File

@ -0,0 +1,19 @@
include:
- sudoers
{% set sudoers = pillar.get('sudoers', {}) %}
{% set included_files = sudoers.get('included_files', []) %}
{% for included_file,spec in included_files.items() -%}
{{ included_file }}:
file.managed:
- user: root
- group: root
- mode: 440
- template: jinja
- source: salt://sudoers/files/sudoers
- context:
included: True
sudoers: {{ spec }}
- require:
- file: /etc/sudoers
{% endfor %}

View File

@ -11,5 +11,7 @@ sudo:
- mode: 440
- template: jinja
- source: salt://sudoers/files/sudoers
- context:
included: False
- require:
- pkg: sudo