bundles/sudo: change metadata key to 'sudo_commands'

bundles/sudo/files/sudoers

@@ -6,6 +6,8 @@ Defaults secure_path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bi
 
 root ALL=(ALL) ALL
 
-% for user in sorted(node.metadata['sudo']):
-${user} ALL=(ALL) NOPASSWD:ALL
+% for user, permissions in sorted(node.metadata['sudo'].items()):
+%     for p in sorted(permissions):
+${user} ALL=(ALL) NOPASSWD:${p}
+%     endfor
 % endfor

bundles/sudo/metadata.py

@@ -1,10 +1,10 @@
 @metadata_reactor
 def sudo_users(metadata):
-    sudoers = set()
+    sudoers = {}
 
     for username, config in metadata.get('users', {}).items():
-        if 'sudo' in config and config['sudo']:
-            sudoers.add(username)
+        if 'sudo_commands' in config:
+            sudoers[username] = config['sudo_commands']
 
     return {
         'sudo': sudoers,