bundles/sudo: add bundle

2020-03-27 11:52:17 +00:00 · 2020-03-27 11:52:17 +00:00 · 067b498bf2
commit 067b498bf2
parent 9a956e832a
4 changed files with 33 additions and 3 deletions
--- a/bundles/sudo/files/sudoers
+++ b/bundles/sudo/files/sudoers
@ -0,0 +1,11 @@
+Defaults timestamp_timeout=5
+Defaults insults
+Defaults passwd_timeout=10
+Defaults env_reset
+
+
+root ALL=(ALL) ALL
+
+% for user in node.metadata['sudo']:
+${user} ALL=(ALL) NOPASSWD:ALL
+% endfor
--- a/bundles/sudo/items.py
+++ b/bundles/sudo/items.py
@ -0,0 +1,9 @@
+groups = {
+    'sudo': {},
+}
+
+files = {
+    '/etc/sudoers': {
+        'content_type': 'mako',
+    },
+}
--- a/bundles/sudo/metadata.py
+++ b/bundles/sudo/metadata.py
@ -0,0 +1,11 @@
+@metadata_processor
+def sudo_users(metadata):
+    sudoers = []
+
+    for username, config in metadata.get('users', {}).items():
+        if 'sudo' in config and config['sudo']:
+            sudoers.append(username)
+
+    metadata['sudo'] = sudoers
+
+    return metadata, RUN_ME_AGAIN