X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;ds=sidebyside;f=prototypes%2Fpuppet-infracloud%2Fmodules%2Fopnfv%2Fmanifests%2Fserver.pp;h=a1e7d5d0ebcd5e3ba807bf3713bacc00aff565e5;hb=refs%2Fchanges%2F67%2F22967%2F3;hp=5bbcd7506a1a5b3624fc569da491322b21f573f6;hpb=3b0bcece3e95a3e020d0cfd9014219a075502fb1;p=releng.git

diff --git a/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp b/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp
index 5bbcd7506..a1e7d5d0e 100644
--- a/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp
+++ b/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp
@@ -19,7 +19,6 @@ class opnfv::server (
   # Classes for all hosts
 
   include snmpd
-  include sudoers
 
   class { 'iptables':
     public_tcp_ports => $iptables_public_tcp_ports,
@@ -217,6 +216,28 @@ class opnfv::server (
     require  => Class['pip'],
   }
 
-  # add hosts entries
+  # manage root ssh
+  if ! defined(File['/root/.ssh']) {
+    file { '/root/.ssh':
+      ensure => directory,
+      mode   => '0700',
+    }
+  }
+
+  # ensure that we have non-pass sudo, and
+  # not require tty
+  file_line { 'sudo_rule_no_pw':
+    path => '/etc/sudoers',
+    line => '%wheel     ALL=(ALL)       NOPASSWD: ALL',
+  }
+  file_line { 'sudo_rule_notty':
+    path   => '/etc/sudoers',
+    line   => 'Defaults    requiretty',
+    match  => '.*requiretty.*',
+    match_for_absence => true,
+    ensure => absent,
+    multiple => true,
+  }
+
   create_resources('host', hiera_hash('hosts'))
 }