
How to manage sudoers on different hosts using Hiera?

asked 2013-04-22 09:05:52 -0600

PorkCharSui

updated 2013-04-25 08:45:25 -0600

I've created a module to give sudo rights to a specific user on a specific hostname with a define:

class sudoers {
  define sudoers($uid, $gid, $hosts) {
    if $hostname in $hosts {
      file { "/etc/sudoers.d/${name}@$hostname":
        ensure  => present,
        owner   => root, group => root, mode => 0440,
        content => "${name} ALL=(ALL) ALL",
      }
<snip a lot of administration where uid and gid are used>
}
sudoers { "p123456:", uid => "10123456", gid => "10123456", hosts => ["hostname","other-hostname"], }
sudoers { "p654321:", uid => "10654321", gid => "10654321", hosts => ["other-hostname","different-hostname"], } # Here I would fill in the users specific data.

This means I have very specific user data in my module. I ... (more)


Comments

Excellent. Thanks for taking the time to add the edits. If you accept the answer, it will mark this question as solved.

Ancillas ( 2013-04-25 10:31:07 -0600 )

1 Answer


answered 2013-04-22 10:28:03 -0600

Ancillas

updated 2013-04-22 10:28:38 -0600

Well, firstly, your error is being generated because wherever it is you're calling hiera_test, you're not passing in $sudoers as a parameter.

Secondly, a defined type should be independent of a class.

You might have a file called sudouser.pp which contains your defined type.

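# Defined type: grants full sudo to user ${name} on the hosts listed in $hosts.
define sudouser (
  $uid,
  $gid,
  $hosts,
) {
  # is_array() is provided by puppetlabs-stdlib.
  if ! is_array($hosts) {
    fail('The $hosts parameter must be an array')
  }

  # Only write the rule on nodes whose short hostname is listed.
  if $::hostname in $hosts {
    file { "/etc/sudoers.d/${name}@${::hostname}":
      ensure  => present,
      owner   => 'root',
      group   => 'root',
      mode    => '0440',
      # End the rule with a newline so sudo parses the file cleanly.
      content => "${name} ALL=(ALL) ALL\n",
    }
  }
}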

You'll then call that defined type from another class. For this example, I ... (more)

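One way to drive the sudouser defined type from Hiera, as an added example that is not part of the original answer or the poster's own code. The Hiera key sudousers, the class name sudousers and the YAML layout are assumptions; hiera_hash and create_resources are Puppet built-ins, and validate_hash, keys, join and validate_re come from puppetlabs-stdlib.

```puppet
# Added example. Hypothetical names: the Hiera key 'sudousers' and the class
# 'sudousers'. sudouser is the defined type shown in the answer above.
#
# Constructed Hiera data, e.g. in common.yaml:
#
#   sudousers:
#     p123456:
#       uid: '10123456'
#       gid: '10123456'
#       hosts: ['hostname', 'other-hostname']
#     p654321:
#       uid: '10654321'
#       gid: '10654321'
#       hosts: ['other-hostname', 'different-hostname']
#
class sudousers {
  # Merge the 'sudousers' hash across all Hiera levels. The empty default
  # means a node with no entries gets no sudo rules instead of a failure.
  $users = hiera_hash('sudousers', {})
  validate_hash($users)

  # Every key becomes a resource title, and sudouser writes the title
  # straight into a sudoers rule ("${name} ALL=(ALL) ALL"). Reject keys that
  # are not plain account names so that bad data cannot add sudoers syntax
  # such as commas, aliases or tags. validate_re() takes a string, so the
  # keys are joined with spaces and checked as one value; \A and \z anchor
  # the whole string, not just its first line.
  $joined = join(keys($users), ' ')
  validate_re($joined,
    '\A([a-z_][a-z0-9_-]*( [a-z_][a-z0-9_-]*)*)?\z',
    'sudousers keys must be plain account names')

  # Declare one sudouser resource per entry. Each resource compares its own
  # hosts list with $::hostname and only then writes
  # /etc/sudoers.d/<user>@<hostname>.
  create_resources('sudouser', $users)
}
```

With this layout the user data lives in Hiera and the module carries no per-user values; on each node, `visudo -c` checks the resulting sudoers files for syntax errors.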
