Salt/users-formula
0
0
Fork 0
mirror of https://github.com/saltstack-formulas/users-formula.git synced 2025-10-31 13:21:34 +01:00
Code Issues Activity

Merge pull request #43 from 7oku/master

Browse Source 
modified visudo to only report change in salt when there is an error. also add option to remove keys from ssh_auth
This commit is contained in:
Seth House 2014-08-03 17:09:41 -06:00
commit a968eb0a0d
2 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pillar.example
View File

@ -24,6 +24,8 @@ users:
pubkey: PUBLICKEY pubkey: PUBLICKEY
ssh_auth: ssh_auth:
- PUBLICKEY - PUBLICKEY
ssh_auth.absent:
- PUBLICKEY_TO_BE_REMOVED
## Absent user ## Absent user
cuser: cuser:

14
users/init.sls
View File

@ -123,6 +123,17 @@ ssh_auth_{{ name }}_{{ loop.index0 }}:
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% if 'ssh_auth.absent' in user %}
{% for auth in user['ssh_auth.absent'] %}
ssh_auth_delete_{{ name }}_{{ loop.index0 }}:
ssh_auth.absent:
- user: {{ name }}
- name: {{ auth }}
- require:
- file: {{ name }}_user
- user: {{ name }}_user
{% endfor %}
{% endif %}
{% if 'sudouser' in user and user['sudouser'] %} {% if 'sudouser' in user and user['sudouser'] %}
{% if not used_sudo %} {% if not used_sudo %}
@ -141,7 +152,8 @@ sudoer-{{ name }}:
{% for rule in user['sudo_rules'] %} {% for rule in user['sudo_rules'] %}
"validate {{ name }} sudo rule {{ loop.index0 }} {{ name }} {{ rule }}": "validate {{ name }} sudo rule {{ loop.index0 }} {{ name }} {{ rule }}":
cmd.run: cmd.run:
- name: 'visudo -cf - <<<"$rule"' - name: 'visudo -cf - <<<"$rule" | { read output; if [[ $output != "stdin: parsed OK" ]] ; then echo $output ; fi }'
- stateful: True
- shell: {{ users.visudo_shell }} - shell: {{ users.visudo_shell }}
- env: - env:
# Specify the rule via an env var to avoid shell quoting issues. # Specify the rule via an env var to avoid shell quoting issues.