module Promotion::Generator::Sudoers
Public Class Methods
check(specs)
click to toggle source
Writes the sudoers file after testing it with visudo
# File lib/promotion/generator/sudoers.rb, line 6 def self.check(specs) contents = IO.readlines("/etc/sudoers").collect!{ |s| s.strip() } proposals = [] specs.each { |spec| spec.elements.each("/Specification/Sudoers/UserPrivilege") { |priv| needed = "%-16s" % priv.attributes["User"] needed << " ALL = " needed << "(#{priv.attributes["Runas"]}) " if priv.attributes["Runas"] pwd = (priv.attributes["Password"] || "false").downcase() == "true" needed << (pwd ? " " : "NOPASSWD: ") needed << "#{priv.text().strip()}" proposals << needed unless contents.include?(needed.strip()) } } if proposals.size > 0 puts("\nSuggested changes to /etc/sudoers:", proposals.join("\n"), "\n") if proposals.size > 0 end end