Manage sudoers
This module needs /etc/sudoers.d support, which is true for:
- RedHat 6 and up
- Ubuntu 10.04 and up.
- Unless overwrite_sudoers is false, /etc/sudoers
- Creates / deletes files on /etc/sudoers.d
This module requires pluginsync enabled
basic example:
class { 'sudoers': }
sudoers::sudo { 'vagrant':
withoutpassword => true,
}Add users with full sudo access:
sudos:
adminuser:
withoutpassword: true
cpiscina: {}
mlleidebrad: {}
mtelevisio: {}
Restrict sudo to a specific command:
sudos:
ppt-deploy:
command: /etc/init.d/nginx
ppt-deploy-service:
username: bbt-deploy
command: /usr/bin/service
sudoers::defaults:
sudoers::defaults { '!requiretty':
username => 'nrpe',
}
- overwrite_sudoers: (default: true)
- visiblepw: (default: false)
- requiretty: (default: false)
- manage_package: (default: true)
- package_ensure: (default: installed)
- sudoersd_recurse: (default: true)
- sudoersd_purge: (default: true)
- cmdname (default: resource's name)
- order (default: 10)
- command
- useraliasname (default: resource's name)
- order (default: 10)
- users
- username (default: resource's name)
- order (default: 10)
- from (default: ALL)
- users (default: ALL)
- command (default: ALL)
- withoutpassword (default: false)
Tested on:
- CentOS 6
- CentOS 7
- Ubuntu 14.04
We are pushing to have acceptance testing in place, so any new feature should have some test to check both presence and absence of any feature
- Fork it
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Added some feature') - Push to the branch (
git push origin my-new-feature) - Create new Pull Request