Merge pull request #4 from carlosperello/master
Added support for managing included files
This commit is contained in:
commit
66ff6d8fee
|
@ -0,0 +1,2 @@
|
|||
Kenneth Wilke <kenneth.wilke@rackspace.com>
|
||||
Carlos Perelló Marín <carlos@pemas.net>
|
22
LICENSE
22
LICENSE
|
@ -1,15 +1,13 @@
|
|||
epel
|
||||
====
|
||||
Copyright (c) 2013-2014 Salt Stack Formulas
|
||||
|
||||
Install the EPEL RPM and GPG key on RHEL 5/6 or CentOS 5/6.
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
.. note::
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
See the full `Salt Formulas installation and usage instructions
|
||||
<http://docs.saltstack.com/topics/conventions/formulas.html>`_.
|
||||
|
||||
Available states
|
||||
----------------
|
||||
|
||||
``epel``
|
||||
Installs the GPG key and EPEL RPM package for the current OS.
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
sudoers
|
||||
=======
|
||||
|
||||
Set up the sudoers file
|
||||
Set up sudo and the sudoers included files.
|
||||
|
||||
.. note::
|
||||
|
||||
|
@ -13,3 +13,6 @@ Available states
|
|||
|
||||
``sudoers``
|
||||
Set up the sudoers file
|
||||
|
||||
``sudoers.included``
|
||||
Set up an additional sudoers included file
|
||||
|
|
|
@ -26,3 +26,9 @@ sudoers:
|
|||
- /usr/bin/pkill
|
||||
- /usr/bin/top
|
||||
includedir: /etc/sudoers.d
|
||||
included_files:
|
||||
/etc/sudoers.d/extra-file:
|
||||
users:
|
||||
foo: 'ALL=(ALL) ALL'
|
||||
groups:
|
||||
bargroup: 'ALL=(ALL) NOPASSWD: ALL'
|
||||
|
|
|
@ -1,13 +1,30 @@
|
|||
{% set sudoers = pillar.get('sudoers', {}) %}
|
||||
{%- set defaults = sudoers.get('defaults', []) %}
|
||||
{%- if (not included) %}
|
||||
{%- set sudoers = pillar.get('sudoers', {}) %}
|
||||
{%- if grains['os_family'] == 'Debian' %}
|
||||
{%- set defaults = sudoers.get('defaults', [
|
||||
'env_reset',
|
||||
'mail_badpass',
|
||||
'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"'
|
||||
]) %}
|
||||
{%- set users = sudoers.get('users', {'root': 'ALL=(ALL:ALL) ALL'}) %}
|
||||
{%- set groups = sudoers.get('groups', {'sudo': 'ALL=(ALL:ALL) ALL'}) %}
|
||||
{%- else %}
|
||||
{%- set defaults = sudoers.get('defaults', []) %}
|
||||
{%- set users = sudoers.get('users', {}) %}
|
||||
{%- set groups = sudoers.get('groups', {}) %}
|
||||
{%- endif %}
|
||||
{%- set includedir = sudoers.get('includedir', '/etc/sudoers.d') -%}
|
||||
{%- else %}
|
||||
{%- set defaults = sudoers.get('defaults', []) %}
|
||||
{%- set users = sudoers.get('users', {}) %}
|
||||
{%- set groups = sudoers.get('groups', {}) %}
|
||||
{%- set includedir = sudoers.get('includedir', None) %}
|
||||
{%- endif %}
|
||||
{%- set aliases = sudoers.get('aliases', {}) %}
|
||||
{%- set host_aliases = aliases.get('hosts', {}) %}
|
||||
{%- set user_aliases = aliases.get('users', {}) %}
|
||||
{%- set command_aliases = aliases.get('commands', {}) %}
|
||||
{%- set runas_aliases = aliases.get('runas', {}) %}
|
||||
{%- set users = sudoers.get('users', {}) %}
|
||||
{%- set groups = sudoers.get('groups', {}) %}
|
||||
{%- set includedir = sudoers.get('includedir', None) -%}
|
||||
{%- set runas_aliases = aliases.get('runas', {}) -%}
|
||||
#
|
||||
# This file is managed by salt
|
||||
#
|
||||
|
@ -47,6 +64,4 @@ Runas_Alias {{ name }} = {{ ",".join(runas) }}
|
|||
|
||||
{% if includedir %}
|
||||
#includedir {{ includedir }}
|
||||
{% else %}
|
||||
#includedir /etc/sudoers.d
|
||||
{% endif %}
|
||||
|
|
|
@ -0,0 +1,19 @@
|
|||
include:
|
||||
- sudoers
|
||||
|
||||
{% set sudoers = pillar.get('sudoers', {}) %}
|
||||
{% set included_files = sudoers.get('included_files', []) %}
|
||||
{% for included_file,spec in included_files.items() -%}
|
||||
{{ included_file }}:
|
||||
file.managed:
|
||||
- user: root
|
||||
- group: root
|
||||
- mode: 440
|
||||
- template: jinja
|
||||
- source: salt://sudoers/files/sudoers
|
||||
- context:
|
||||
included: True
|
||||
sudoers: {{ spec }}
|
||||
- require:
|
||||
- file: /etc/sudoers
|
||||
{% endfor %}
|
|
@ -11,5 +11,7 @@ sudo:
|
|||
- mode: 440
|
||||
- template: jinja
|
||||
- source: salt://sudoers/files/sudoers
|
||||
- context:
|
||||
included: False
|
||||
- require:
|
||||
- pkg: sudo
|
||||
|
|
Loading…
Reference in New Issue