Saltstack Official Linux Formula
Nie możesz wybrać więcej, niż 25 tematów Tematy muszą się zaczynać od litery lub cyfry, mogą zawierać myślniki ('-') i mogą mieć do 35 znaków.

sudo.sls 1.8KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273
  1. {%- from "linux/map.jinja" import system with context %}
  2. {%- if system.enabled %}
  3. {%- if system.get('sudo', {}).get('enabled', False) %}
  4. {%- if system.get('sudo', {}).get('aliases', False) is mapping %}
  5. /etc/sudoers.d/90-salt-sudo-aliases:
  6. file.managed:
  7. - source: salt://linux/files/sudoer-aliases
  8. - template: jinja
  9. - user: root
  10. - group: root
  11. - mode: 440
  12. - defaults:
  13. aliases: {{ system.sudo.aliases|yaml }}
  14. - check_cmd: /usr/sbin/visudo -c -f
  15. {%- else %}
  16. /etc/sudoers.d/90-salt-sudo-aliases:
  17. file.absent:
  18. - name: /etc/sudoers.d/90-salt-sudo-aliases
  19. {%- endif %}
  20. {%- if system.get('sudo', {}).get('users', False) is mapping %}
  21. /etc/sudoers.d/91-salt-sudo-users:
  22. file.managed:
  23. - source: salt://linux/files/sudoer-users
  24. - template: jinja
  25. - user: root
  26. - group: root
  27. - mode: 440
  28. - defaults:
  29. users: {{ system.sudo.users|yaml }}
  30. - check_cmd: /usr/sbin/visudo -c -f
  31. {%- else %}
  32. /etc/sudoers.d/91-salt-sudo-users:
  33. file.absent:
  34. - name: /etc/sudoers.d/91-salt-sudo-users
  35. {%- endif %}
  36. {%- if system.get('sudo', {}).get('groups', False) is mapping %}
  37. /etc/sudoers.d/91-salt-sudo-groups:
  38. file.managed:
  39. - source: salt://linux/files/sudoer-groups
  40. - template: jinja
  41. - user: root
  42. - group: root
  43. - mode: 440
  44. - defaults:
  45. groups: {{ system.sudo.groups|yaml }}
  46. - check_cmd: /usr/sbin/visudo -c -f
  47. {%- else %}
  48. /etc/sudoers.d/91-salt-sudo-groups:
  49. file.absent:
  50. - name: /etc/sudoers.d/91-salt-sudo-groups
  51. {%- endif %}
  52. {%- else %}
  53. /etc/sudoers.d/90-salt-sudo-aliases:
  54. file.absent:
  55. - name: /etc/sudoers.d/90-salt-sudo-aliases
  56. /etc/sudoers.d/91-salt-sudo-users:
  57. file.absent:
  58. - name: /etc/sudoers.d/91-salt-sudo-users
  59. /etc/sudoers.d/91-salt-sudo-groups:
  60. file.absent:
  61. - name: /etc/sudoers.d/91-salt-sudo-groups
  62. {%- endif %}
  63. {%- endif %}