class Sudoers
Public Instance Methods
deploy()
click to toggle source
# File lib/dust/recipes/sudoers.rb, line 3 def deploy return unless @node.install_package 'sudo' @config.each do |name, rule| @node.messages.add("deploying sudo rules '#{name}'\n") # rulename: 'myrule' if rule.is_a? String file = "#{rule}\n" # rulename: { user: [ user1, user2 ], command: [ cmd1, cmd2 ] } else unless rule['user'] and rule['command'] @node.messages.add('user or command missing', :indent => 2).failed next end file = '' rule['user'].each do |u| rule['command'].each { |c| file << "#{u} #{c}\n" } end end deploy_rule(name, file) end remove_other_rules end
Private Instance Methods
deploy_rule(name, file)
click to toggle source
# File lib/dust/recipes/sudoers.rb, line 54 def deploy_rule(name, file) @node.write("/etc/sudoers.d/#{name}", file, :indent => 2) @node.chmod('0440', "/etc/sudoers.d/#{name}", :indent => 2) @node.chown('root:root', "/etc/sudoers.d/#{name}", :indent => 2) end
remove_other_rules()
click to toggle source
# File lib/dust/recipes/sudoers.rb, line 35 def remove_other_rules msg = @node.messages.add("removing non-dust rules\n") ret = @node.exec('ls /etc/sudoers.d/* |cat') if ret[:exit_code] != 0 return @node.messages.add('couldn\'t get installed rule list, skipping deletion of old rules').warning end # get unmaintained rules old_rules = [] ret[:stdout].each_line do |file| file.chomp! old_rules << file unless @config.keys.include?(File.basename(file)) end # delete old rules, or display message that none were found old_rules.each { |file| @node.rm(file, :indent => 2) } @node.messages.add('none found', :indent => 2).ok if old_rules.empty? end