opuppet/module-sudo
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
No description
66 commits 1 branch 0 tags 40 KiB
Find a file
Jerome Charaoui 4f2d6c4454 Merge branch 'myfix' into 'master' 
properly remove access to users when requested

Just so we can erase access via puppet.

See merge request !1
2015-10-09 17:15:51 +00:00
files/sudoers Merge branch 'koumbit' into shared 2013-06-22 14:32:36 -04:00
manifests properly remove access to users when requested 2015-08-20 11:07:11 -04:00
tests add some tests 2013-06-22 13:40:28 -04:00
README.mdwn add a README explaining how to use this 2013-06-22 14:29:22 -04:00

README.mdwn 

sudo support in puppet
======================

To simply install sudo on your servers, use:

    include sudo

By default, this will not deploy any sudoers file. Use the following
to make sure a sudoers file is deployed:

    class { 'sudo': deploy_sudoers => TRUE }

This will deploy the default sudoers file shipped with the module or
one shipped in your `site_sudo` module, see `manifests/init.pp` for
the search path.

You can also use defines to grant specific access. For example, to
give access to a user:

    sudo::access { 'foo': }

This will create a file in `/etc/sudoers.d/01_user_access-foo` with a
content:

    foo ALL=(ALL) ALL

You can change parameters, for example a no password access:

    sudo::access { 'foo':
        user => 'bar',
        access => 'ALL = NOPASSWD: ALL'
    }

You can also create user aliases with:

    sudo::user_alias { 'GROUP': members => 'foo, bar' }

.. which in turn can be used in `sudo::access`:

    sudo::access { 'GROUP-access': user => 'GROUP' }