module Promotion::Generator::Sudoers

Public Class Methods

check(specs)

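Writes the sudoers file after testing it with visudo. (Note: the source listed below only reads /etc/sudoers and prints suggested entries to stdout; it neither writes the file nor invokes visudo.)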

# File lib/promotion/generator/sudoers.rb, line 6
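# Compares the sudoers rules requested by +specs+ with the current contents of
# /etc/sudoers and prints the rules that are not present yet.
#
# This method is read-only with respect to /etc/sudoers: it reads the file,
# builds one candidate rule per /Specification/Sudoers/UserPrivilege element
# and writes the missing ones to stdout. It does not edit the file and does
# not run visudo, so anything it prints still has to be reviewed and applied
# by an administrator.
#
# Review points for whoever applies the output:
# * A rule is passwordless (NOPASSWD:) unless the element carries
#   Password="true" (case-insensitive). Omitting the attribute therefore
#   yields the less restrictive rule.
# * User, Runas and the command text are copied into the rule verbatim; no
#   validation of their content is done here.
# * Only /etc/sudoers itself is read, and lines are compared as exact strings
#   after stripping surrounding whitespace. A rule that exists elsewhere or
#   with different spacing is reported again.
#
# @param specs [Enumerable] objects whose +elements.each(xpath)+ yields
#   elements with +attributes+ and +text+ (presumably REXML documents --
#   confirm against the caller)
# @return [nil]
# @raise [SystemCallError] from IO.readlines when /etc/sudoers cannot be read
def self.check(specs)
  existing = IO.readlines("/etc/sudoers").map { |line| line.strip }
  proposals = []
  specs.each do |spec|
    spec.elements.each("/Specification/Sudoers/UserPrivilege") do |priv|
      user = priv.attributes["User"]
      # text is nil for an empty element; to_s keeps that from raising.
      command = priv.text.to_s.strip
      if user.to_s.strip.empty? || command.empty?
        # A rule without a user or a command is not a usable sudoers line,
        # so it is reported on stderr instead of being suggested.
        warn("Skipping UserPrivilege with missing User or command: #{user.inspect}")
        next
      end
      runas = priv.attributes["Runas"]
      password_required = (priv.attributes["Password"] || "false").downcase == "true"

      # The layout (including the extra space in the password case) is kept
      # as is, because previously applied suggestions are recognised only by
      # exact string match.
      rule = format("%-16s", user)
      rule << " ALL = "
      rule << "(#{runas}) " if runas
      rule << (password_required ? " " : "NOPASSWD: ")
      rule << command
      proposals << rule unless existing.include?(rule.strip)
    end
  end
  return if proposals.empty?

  puts("\nSuggested changes to /etc/sudoers:", proposals.join("\n"), "\n")
end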