Browse Source

changing visudo checking to avoid wrong reporting when launched with test=true

lookup-fix-3
Serg Kand 9 years ago
parent
commit
819d73a596
1 changed files with 6 additions and 0 deletions
  1. +6
    -0
      users/init.sls

+ 6
- 0
users/init.sls View File

@@ -325,6 +325,7 @@ users_sudoer-{{ name }}:
- group: {{ users.root_group }}
- mode: '0440'
{% if 'sudo_rules' in user or 'sudo_defaults' in user %}
#{#%
{% if 'sudo_rules' in user %}
{% for rule in user['sudo_rules'] %}
"validate {{ name }} sudo rule {{ loop.index0 }} {{ name }} {{ rule }}":
@@ -353,6 +354,7 @@ users_sudoer-{{ name }}:
- file: users_{{ users.sudoers_dir }}/{{ name }}
{% endfor %}
{% endif %}
#%#}

users_{{ users.sudoers_dir }}/{{ name }}:
file.managed:
@@ -371,6 +373,10 @@ users_{{ users.sudoers_dir }}/{{ name }}:
- require:
- file: users_sudoer-defaults
- file: users_sudoer-{{ name }}
cmd.wait:
- name: visudo -cf {{ users.sudoers_dir }}/{{ name }} || ( rm -rvf {{ users.sudoers_dir }}/{{ name }}; exit 1 )
- watch:
- file: {{ users.sudoers_dir }}/{{ name }}
{% endif %}
{% else %}
users_{{ users.sudoers_dir }}/{{ name }}:

Loading…
Cancel
Save