opuppet/module-sudo
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
No description
59 commits 1 branch 0 tags 40 KiB
Find a file
Micah Anderson 6b3428b8c2 remove 'include sudo' because this would result in a duplicate definition if you 
have in your site_sudo something like:

  class { 'sudo': deploy_sudoers => true }

instead we just declare a class dependency on the file in the define
2013-06-22 14:51:50 -04:00
files/sudoers Merge branch 'koumbit' into shared 2013-06-22 14:32:36 -04:00
manifests remove 'include sudo' because this would result in a duplicate definition if you 2013-06-22 14:51:50 -04:00
tests add some tests 2013-06-22 13:40:28 -04:00
README.mdwn add a README explaining how to use this 2013-06-22 14:29:22 -04:00

README.mdwn 

sudo support in puppet
======================

To simply install sudo on your servers, use:

    include sudo

By default, this will not deploy any sudoers file. Use the following
to make sure a sudoers file is deployed:

    class { 'sudo': deploy_sudoers => TRUE }

This will deploy the default sudoers file shipped with the module or
one shipped in your `site_sudo` module, see `manifests/init.pp` for
the search path.

You can also use defines to grant specific access. For example, to
give access to a user:

    sudo::access { 'foo': }

This will create a file in `/etc/sudoers.d/01_user_access-foo` with a
content:

    foo ALL=(ALL) ALL

You can change parameters, for example a no password access:

    sudo::access { 'foo':
        user => 'bar',
        access => 'ALL = NOPASSWD: ALL'
    }

You can also create user aliases with:

    sudo::user_alias { 'GROUP': members => 'foo, bar' }

.. which in turn can be used in `sudo::access`:

    sudo::access { 'GROUP-access': user => 'GROUP' }