Code Review / releng.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 86e7153)
Tune sudo settings on server 67/22967/3
authorYolanda Robla Mota <yroblamo@redhat.com>
Tue, 11 Oct 2016 09:26:39 +0000 (11:26 +0200)
committerYolanda Robla Mota <yroblamo@redhat.com>
Tue, 11 Oct 2016 10:21:32 +0000 (12:21 +0200)
We need to have passwordless sudo, and not require
a tty.

Change-Id: Iee11cade89a45b49d6b623f07d8ccb76f9e5882d
Signed-Off-By: Yolanda Robla <yroblamo@redhat.com>
prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp patch | blob | history

diff --git a/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp b/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp
index c4bff09..a1e7d5d 100644 (file)
--- a/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp
+++ b/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp
@@ -224,6 +224,20 @@ class opnfv::server (
     }
   }
 
-  # add hosts entries
+  # ensure that we have non-pass sudo, and
+  # not require tty
+  file_line { 'sudo_rule_no_pw':
+    path => '/etc/sudoers',
+    line => '%wheel     ALL=(ALL)       NOPASSWD: ALL',
+  }
+  file_line { 'sudo_rule_notty':
+    path   => '/etc/sudoers',
+    line   => 'Defaults    requiretty',
+    match  => '.*requiretty.*',
+    match_for_absence => true,
+    ensure => absent,
+    multiple => true,
+  }
+
   create_resources('host', hiera_hash('hosts'))
 }