add sudoers check with visudo as proposed here: https://blog.afoolishmanifesto.com/posts/checking-sudoers-with-visudo-in-saltstack/
This commit is contained in:
parent
2045591a9d
commit
8d3f4d9894
|
@ -13,6 +13,7 @@ include:
|
||||||
- mode: 440
|
- mode: 440
|
||||||
- template: jinja
|
- template: jinja
|
||||||
- source: salt://sudoers/files/sudoers
|
- source: salt://sudoers/files/sudoers
|
||||||
|
- check_cmd: /usr/sbin/visudo -c -f
|
||||||
- context:
|
- context:
|
||||||
included: True
|
included: True
|
||||||
sudoers: {{ spec|json }}
|
sudoers: {{ spec|json }}
|
||||||
|
|
|
@ -11,6 +11,7 @@ sudo:
|
||||||
- mode: 440
|
- mode: 440
|
||||||
- template: jinja
|
- template: jinja
|
||||||
- source: salt://sudoers/files/sudoers
|
- source: salt://sudoers/files/sudoers
|
||||||
|
- check_cmd: /usr/sbin/visudo -c -f
|
||||||
- context:
|
- context:
|
||||||
included: False
|
included: False
|
||||||
- require:
|
- require:
|
||||||
|
|
Loading…
Reference in New Issue