Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Import sudo version 1.0.0

  • Loading branch information...
commit 0374aefb7bd55f1b4ef0d9c9f29741eddcf76b59 1 parent 6118ce8
@smith smith authored
View
17 sudo/README.md
@@ -13,11 +13,15 @@ ATTRIBUTES
The following attributes are set to blank arrays:
- node[:authorization][:sudo][:groups]
- node[:authorization][:sudo][:users]
+ node['authorization']['sudo']['groups']
+ node['authorization']['sudo']['users']
They are passed into the sudoers template which iterates over the values to add sudo permission to the specified users and groups.
+If you prefer to use passwordless sudo just set the following attribute to true:
+
+ node['authorization']['sudo']['passwordless']
+
USAGE
=====
@@ -26,7 +30,8 @@ To use this cookbook, set the attributes above on the node via a role or the nod
"authorization" => {
"sudo" => {
"groups" => ["admin", "wheel", "sysadmin"],
- "users" => ["jerry", "greg"]
+ "users" => ["jerry", "greg"],
+ "passwordless" => true
}
}
@@ -42,7 +47,8 @@ In JSON (role.json or on the node object):
"users": [
"jerry",
"greg"
- ]
+ ],
+ "passwordless": true
}
}
@@ -52,8 +58,9 @@ LICENSE AND AUTHOR
==================
Author:: Adam Jacob <adam@opscode.com>
+Author:: Seth Chisamore <schisamo@opscode.com>
-Copyright 2009-2010, Opscode, Inc.
+Copyright 2009-2011, Opscode, Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
View
7 sudo/attributes/default.rb
@@ -2,7 +2,7 @@
# Cookbook Name:: sudo
# Attribute File:: sudoers
#
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2011, Opscode, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -17,5 +17,6 @@
# limitations under the License.
#
-default[:authorization][:sudo][:groups] = Array.new
-default[:authorization][:sudo][:users] = Array.new
+default['authorization']['sudo']['groups'] = Array.new
+default['authorization']['sudo']['users'] = Array.new
+default['authorization']['sudo']['passwordless'] = false
View
134 sudo/metadata.json
@@ -1,102 +1,104 @@
{
+ "name": "sudo",
+ "description": "Installs sudo and configures /etc/sudoers",
+ "long_description": "",
+ "maintainer": "Opscode, Inc.",
+ "maintainer_email": "cookbooks@opscode.com",
+ "license": "Apache 2.0",
+ "platforms": {
+ "redhat": ">= 0.0.0",
+ "centos": ">= 0.0.0",
+ "fedora": ">= 0.0.0",
+ "ubuntu": ">= 0.0.0",
+ "debian": ">= 0.0.0",
+ "freebsd": ">= 0.0.0"
+ },
+ "dependencies": {
+ },
"recommendations": {
},
+ "suggestions": {
+ },
+ "conflicting": {
+ },
+ "providing": {
+ },
+ "replacing": {
+ },
"attributes": {
- "authorization/sudoers/groups": {
- "required": "optional",
- "calculated": false,
+ "authorization": {
+ "display_name": "Authorization",
+ "description": "Hash of Authorization attributes",
+ "type": "hash",
"choice": [
],
- "default": "",
- "type": "array",
+ "calculated": false,
+ "required": "optional",
"recipes": [
- ],
- "description": "Groups who are allowed sudo ALL",
- "display_name": "Sudo Groups"
+ ]
},
- "authorization": {
- "required": "optional",
- "calculated": false,
+ "authorization/sudoers": {
+ "display_name": "Authorization Sudoers",
+ "description": "Hash of Authorization/Sudoers attributes",
+ "type": "hash",
"choice": [
],
- "type": "hash",
+ "calculated": false,
+ "required": "optional",
"recipes": [
- ],
- "description": "Hash of Authorization attributes",
- "display_name": "Authorization"
+ ]
},
"authorization/sudoers/users": {
- "required": "optional",
- "calculated": false,
+ "display_name": "Sudo Users",
+ "description": "Users who are allowed sudo ALL",
+ "type": "array",
+ "default": "",
"choice": [
],
- "default": "",
- "type": "array",
+ "calculated": false,
+ "required": "optional",
"recipes": [
- ],
- "description": "Users who are allowed sudo ALL",
- "display_name": "Sudo Users"
+ ]
},
- "authorization/sudoers": {
- "required": "optional",
- "calculated": false,
+ "authorization/sudoers/groups": {
+ "display_name": "Sudo Groups",
+ "description": "Groups who are allowed sudo ALL",
+ "type": "array",
+ "default": "",
"choice": [
],
- "type": "hash",
+ "calculated": false,
+ "required": "optional",
"recipes": [
- ],
- "description": "Hash of Authorization/Sudoers attributes",
- "display_name": "Authorization Sudoers"
- }
- },
- "suggestions": {
- },
- "dependencies": {
- },
- "conflicting": {
- },
- "long_description": "",
- "platforms": {
- "debian": [
-
- ],
- "fedora": [
-
- ],
- "centos": [
-
- ],
- "freebsd": [
-
- ],
- "ubuntu": [
+ ]
+ },
+ "authorization/sudoers/passwordless": {
+ "display_name": "Passwordless Sudo",
+ "description": "",
+ "type": "string",
+ "default": "false",
+ "choice": [
- ],
- "redhat": [
+ ],
+ "calculated": false,
+ "required": "optional",
+ "recipes": [
- ]
- },
- "license": "Apache 2.0",
- "version": "0.9.1",
- "providing": {
+ ]
+ }
},
- "maintainer": "Opscode, Inc.",
- "replacing": {
+ "groupings": {
},
- "name": "sudo",
"recipes": {
"sudo": "Installs sudo and configures /etc/sudoers"
},
- "maintainer_email": "cookbooks@opscode.com",
- "description": "Installs sudo and configures /etc/sudoers",
- "groupings": {
- }
+ "version": "1.0.0"
}
View
8 sudo/metadata.rb
@@ -2,7 +2,7 @@
maintainer_email "cookbooks@opscode.com"
license "Apache 2.0"
description "Installs sudo and configures /etc/sudoers"
-version "0.9.1"
+version "1.0.0"
recipe "sudo", "Installs sudo and configures /etc/sudoers"
@@ -31,3 +31,9 @@
:description => "Groups who are allowed sudo ALL",
:type => "array",
:default => ""
+
+attribute "authorization/sudoers/passwordless",
+ :display_name => "Passwordless Sudo",
+ :description => "",
+ :type => "string",
+ :default => "false"
View
7 sudo/recipes/default.rb
@@ -2,7 +2,7 @@
# Cookbook Name:: sudo
# Recipe:: default
#
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2011, Opscode, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -27,7 +27,8 @@
owner "root"
group "root"
variables(
- :sudoers_groups => node[:authorization][:sudo][:groups],
- :sudoers_users => node[:authorization][:sudo][:users]
+ :sudoers_groups => node['authorization']['sudo']['groups'],
+ :sudoers_users => node['authorization']['sudo']['users'],
+ :passwordless => node['authorization']['sudo']['passwordless']
)
end
View
12 sudo/templates/default/sudoers.erb
@@ -1,22 +1,22 @@
#
# /etc/sudoers
-#
+#
# Generated by Chef for <%= node[:fqdn] %>
-#
+#
Defaults !lecture,tty_tickets,!fqdn
# User privilege specification
-root ALL=(ALL) ALL
+root ALL=(ALL) ALL
<% @sudoers_users.each do |user| -%>
-<%= user %> ALL=(ALL) ALL
+<%= user %> ALL=(ALL) <%= "NOPASSWD:" if @passwordless %>ALL
<% end -%>
# Members of the sysadmin group may gain root privileges
-%sysadmin ALL=(ALL) ALL
+%sysadmin ALL=(ALL) <%= "NOPASSWD:" if @passwordless %>ALL
<% @sudoers_groups.each do |group| -%>
# Members of the group '<%= group %>' may gain root privileges
-%<%= group %> ALL=(ALL) NOPASSWD: ALL
+%<%= group %> ALL=(ALL) <%= "NOPASSWD:" if @passwordless %>ALL
<% end -%>
Please sign in to comment.
Something went wrong with that request. Please try again.