FAQ
I have a manifest like this


class sudoer::spectrum {

augeas { "sudoer_spectrum_cmdalias":
context => "/files/etc/sudoers",
changes => [
"set Cmnd_Alias[alias/name = 'SPECTRUM_CMDS']/alias/name SPECTRUM_CMDS",
"set Cmnd_Alias[alias/name = 'SPECTRUM_CMDS']/alias/command[1] '/bin/mount -o loop,ro /opt/CA/iso/* /opt/iso/spectrum/*'",
"set Cmnd_Alias[alias/name = 'SPECTRUM_CMDS']/alias/command[2] '/bin/umount /opt/iso/spectrum/*'",
],
}

augeas { "sudoer_spectrum":
context => "/files/etc/sudoers",
changes => [
"set spec[user = 'spectrum']/user spectrum",
"set spec[user = 'spectrum']/host_group/host ALL",
"set spec[user = 'spectrum']/host_group/command/runas_user root",
"set spec[user = 'spectrum']/host_group/command/tag NOPASSWD",
"set spec[user = 'spectrum']/host_group/command SPECTRUM_CMDS",
],
}

}


But this fails.

The "loop,ro" upsets things.

I also tried this

"set Cmnd_Alias[alias/name =
'SPECTRUM_CMDS']/alias/command[1] '/bin/mount -o loop\,ro /opt/CA/iso/*
/opt/iso/spectrum/*'",

But the \ is passed through to the client file.

Cmnd_Alias SPECTRUM_CMDS = /bin/mount -o loop\,ro /optCA/iso/* /opt/iso/spectrum/* , /bin/umount /opt/iso/spectrum/*


I see something called sep_com used with augeas, but I am not clear on how to use it.

If I remove the ",ro" the sudoers file is upated on the client, but without the "ro", the mount command fails.

How do I put a , in the middle of the line?  Or, how do I add a : in the middle of the line as well, like this

"set Cmnd_Alias[alias/name = 'SPECTRUM_CMDS']/alias/command[3] '/bin/chown -R spectrum:spectrum /opt/iso/spectrum/*'",

Or, do I need to rethink how to update sudoers files?

Thanks

Craig

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

Search Discussions

  • Keiran Sweet at Dec 18, 2012 at 3:29 pm
    Hi There,
    Rather than building out files dynamically, have you considered possibly
    deploying snippets of sudoers configuration out to nodes using the
    /etc/sudoers.d/ framework that is available on many operating systems ?

    This can be easily handled using the File type and applied to nodes as
    required / classified.

    However, it may not offer the flexibility you require.

    K
    On Tuesday, December 18, 2012 1:55:54 PM UTC, cncook001 wrote:

    I have a manifest like this

    class sudoer::spectrum {

    augeas { "sudoer_spectrum_cmdalias":
    context => "/files/etc/sudoers",
    changes => [
    "set Cmnd_Alias[alias/name = 'SPECTRUM_CMDS']/alias/name
    SPECTRUM_CMDS",
    "set Cmnd_Alias[alias/name = 'SPECTRUM_CMDS']/alias/command[1]
    '/bin/mount -o loop,ro /opt/CA/iso/* /opt/iso/spectrum/*'",
    "set Cmnd_Alias[alias/name = 'SPECTRUM_CMDS']/alias/command[2]
    '/bin/umount /opt/iso/spectrum/*'",
    ],
    }

    augeas { "sudoer_spectrum":
    context => "/files/etc/sudoers",
    changes => [
    "set spec[user = 'spectrum']/user spectrum",
    "set spec[user = 'spectrum']/host_group/host ALL",
    "set spec[user = 'spectrum']/host_group/command/runas_user
    root",
    "set spec[user = 'spectrum']/host_group/command/tag NOPASSWD",
    "set spec[user = 'spectrum']/host_group/command SPECTRUM_CMDS",
    ],
    }

    }

    But this fails.

    The "loop,ro" upsets things.

    I also tried this

    "set Cmnd_Alias[alias/name = 'SPECTRUM_CMDS']/alias/command[1]
    '/bin/mount -o loop\,ro /opt/CA/iso/* /opt/iso/spectrum/*'",

    But the \ is passed through to the client file.

    Cmnd_Alias SPECTRUM_CMDS = /bin/mount -o loop\,ro /optCA/iso/*
    /opt/iso/spectrum/* , /bin/umount /opt/iso/spectrum/*


    I see something called sep_com used with augeas, but I am not clear on how
    to use it.

    If I remove the ",ro" the sudoers file is upated on the client, but
    without the "ro", the mount command fails.

    How do I put a , in the middle of the line? Or, how do I add a : in the
    middle of the line as well, like this

    "set Cmnd_Alias[alias/name = 'SPECTRUM_CMDS']/alias/command[3]
    '/bin/chown -R spectrum:spectrum /opt/iso/spectrum/*'",

    Or, do I need to rethink how to update sudoers files?

    Thanks

    Craig
    --
    You received this message because you are subscribed to the Google Groups "Puppet Users" group.
    To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/tvUvPwLyekMJ.
    To post to this group, send email to puppet-users@googlegroups.com.
    To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppuppet-users @
categoriespuppet
postedDec 18, '12 at 2:55p
activeDec 18, '12 at 3:29p
posts2
users2
websitepuppetlabs.com

2 users in discussion

Craig Cook: 1 post Keiran Sweet: 1 post

People

Translate

site design / logo © 2022 Grokbase