Merge "Tune sudo settings on server"

author Fatih Degirmenci <fatih.degirmenci@ericsson.com>

Wed, 12 Oct 2016 12:56:49 +0000 (12:56 +0000)

committer Gerrit Code Review <gerrit@opnfv.org>

Wed, 12 Oct 2016 12:56:49 +0000 (12:56 +0000)
author Fatih Degirmenci <fatih.degirmenci@ericsson.com>
Wed, 12 Oct 2016 12:56:49 +0000 (12:56 +0000)
committer Gerrit Code Review <gerrit@opnfv.org>
Wed, 12 Oct 2016 12:56:49 +0000 (12:56 +0000)
diff --git a/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp b/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp

index c4bff09..a1e7d5d 100644 (file)
--- a/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp
+++ b/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp
@@ -224,6 +224,20 @@ class opnfv::server (
      }
    }
  
-  # add hosts entries
+  # ensure that we have non-pass sudo, and
+  # not require tty
+  file_line { 'sudo_rule_no_pw':
+    path => '/etc/sudoers',
+    line => '%wheel     ALL=(ALL)       NOPASSWD: ALL',
+  }
+  file_line { 'sudo_rule_notty':
+    path   => '/etc/sudoers',
+    line   => 'Defaults    requiretty',
+    match  => '.*requiretty.*',
+    match_for_absence => true,
+    ensure => absent,
+    multiple => true,
+  }
+
    create_resources('host', hiera_hash('hosts'))
  }
author	Fatih Degirmenci <fatih.degirmenci@ericsson.com>
	Wed, 12 Oct 2016 12:56:49 +0000 (12:56 +0000)
committer	Gerrit Code Review <gerrit@opnfv.org>
	Wed, 12 Oct 2016 12:56:49 +0000 (12:56 +0000)