feat: implement option to purge included files directory

saltstack-formulas · Nov 24, 2020 · c5acbc6 · c5acbc6
1 parent 153ac6e
commit c5acbc6
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 0 deletions.
diff --git a/pillar.example b/pillar.example
@@ -4,6 +4,8 @@
 sudoers:
   # By default the main sudoers file is managed by this formula (False to skip)
   manage_main_config: true
+  # By default the included directory is not purged from unwanted files
+  purge_includedir: false
   users:
     johndoe:
       - 'ALL=(ALL) ALL'

diff --git a/sudoers/defaults.yaml b/sudoers/defaults.yaml
@@ -4,6 +4,7 @@
 sudoers:
   pkg: sudo
   manage_main_config: true
+  purge_includedir: false
   configpath: /etc
   group: root
   execprefix: /usr/sbin

diff --git a/sudoers/included.sls b/sudoers/included.sls
@@ -9,6 +9,13 @@
 include:
   - sudoers
 
+{{ sudoers.includedir }}:
+  file.directory:
+    - user: root
+    - group: {{ sudoers.group }}
+    - mode: 440
+    - clean: {{ sudoers.purge_includedir }}
+
 {% set included_files = sudoers.included_files %}
 {% for included_file, spec in included_files.items() -%}
 sudoers include {{ included_file }}: