Code Review / releng.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Tune sudo settings on server
[releng.git] / prototypes / puppet-infracloud / modules / opnfv / manifests / server.pp
diff --git a/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp b/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp
index c4bff09..a1e7d5d 100644 (file)
--- a/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp
+++ b/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp
@@ -224,6 +224,20 @@ class opnfv::server (
     }
   }
 
-  # add hosts entries
+  # ensure that we have non-pass sudo, and
+  # not require tty
+  file_line { 'sudo_rule_no_pw':
+    path => '/etc/sudoers',
+    line => '%wheel     ALL=(ALL)       NOPASSWD: ALL',
+  }
+  file_line { 'sudo_rule_notty':
+    path   => '/etc/sudoers',
+    line   => 'Defaults    requiretty',
+    match  => '.*requiretty.*',
+    match_for_absence => true,
+    ensure => absent,
+    multiple => true,
+  }
+
   create_resources('host', hiera_hash('hosts'))
 }