Skip to content

Allow setting validate_cmd command as a parameter #39

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
petems wants to merge 1 commit into from
Closed

Allow setting validate_cmd command as a parameter #39

petems wants to merge 1 commit into from

Conversation

@petems
Copy link
Contributor

@petems petems commented Apr 20, 2016

  • I've found putting a cat before the visudo allows better debugging. But it's easier to just allow a user to pick what they want, so lets do that as a parameter! 😄
validate_command = '/bin/cat % && /usr/sbin/visudo -c -f %`

Error: Execution of '/bin/cat /etc/sudoers.d/FAIL20160420-3555-17pxezk && /usr/sbin/visudo -c -f /etc/sudoers.d/FAIL20160420-3555-17pxezk' returned 1: # Managed by Puppet! Do not edit locally.


  #
  # This should fail

  Host_Alias  FAIL_HOSTS = ALL
  Runas_Alias FAIL_RUNAS = root
  Cmnd_Alias  FAIL_CMNDS = ALL


  % FAIL_HOSTS = (FAIL_RUNAS) NOPASSWD: FAIL_CMNDS
  visudo: >>> /etc/sudoers.d/FAIL20160420-3555-17pxezk: syntax error near line 12 <<<
  parse error in /etc/sudoers.d/FAIL20160420-3555-17pxezk near line 12
  Error: /Stage[main]/Main/Sudo::Sudoers[FAIL]/File[/etc/sudoers.d/FAIL]/ensure: change from absent to file failed: Execution of '/bin/cat /etc/sudoers.d/FAIL20160420-3555-17pxezk && /usr/sbin/visudo -c -f /etc/sudoers.d/FAIL20160420-3555-17pxezk' returned 1: # Managed by Puppet! Do not edit locally.

@petems
Allow setting validate_cmd command as a parameter
7d742e3 
* Allows better debugging:

```
validate_command = '/bin/cat % && /usr/sbin/visudo -c -f %`
```

```
Error: Execution of '/bin/cat /etc/sudoers.d/FAIL20160420-3555-17pxezk && /usr/sbin/visudo -c -f /etc/sudoers.d/FAIL20160420-3555-17pxezk' returned 1: # Managed by Puppet! Do not edit locally.


  #
  # This should fail

  Host_Alias  FAIL_HOSTS = ALL
  Runas_Alias FAIL_RUNAS = root
  Cmnd_Alias  FAIL_CMNDS = ALL


  % FAIL_HOSTS = (FAIL_RUNAS) NOPASSWD: FAIL_CMNDS
  visudo: >>> /etc/sudoers.d/FAIL20160420-3555-17pxezk: syntax error near line 12 <<<
  parse error in /etc/sudoers.d/FAIL20160420-3555-17pxezk near line 12
  Error: /Stage[main]/Main/Sudo::Sudoers[FAIL]/File[/etc/sudoers.d/FAIL]/ensure: change from absent to file failed: Execution of '/bin/cat /etc/sudoers.d/FAIL20160420-3555-17pxezk && /usr/sbin/visudo -c -f /etc/sudoers.d/FAIL20160420-3555-17pxezk' returned 1: # Managed by Puppet! Do not edit locally.
```
@petems
Copy link
Contributor Author

petems commented May 13, 2016

I've moved this parameter definition work into the FreeBSD PR: #45

@petems petems closed this May 13, 2016
@petems petems deleted the allow_setting_validate_command branch May 13, 2016 09:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@petems