diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2014-03-08 16:06:01 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2014-03-08 16:06:01 -0300 |
commit | 5b6380e022359e05eb52745593eddef91149d8b5 (patch) | |
tree | f166d5d595cebf581e35ca20901ad3037d8989c9 | |
parent | 51868a5fb2766dd0e55c6c05c45c7e2fd02e1d49 (diff) | |
download | puppet-puppet-5b6380e022359e05eb52745593eddef91149d8b5.tar.gz puppet-puppet-5b6380e022359e05eb52745593eddef91149d8b5.tar.bz2 |
Sudo configuration for the post-update hook
-rw-r--r-- | files/sudoers | 5 | ||||
-rw-r--r-- | manifests/master/update.pp | 13 |
2 files changed, 18 insertions, 0 deletions
diff --git a/files/sudoers b/files/sudoers new file mode 100644 index 0000000..71b8ab8 --- /dev/null +++ b/files/sudoers @@ -0,0 +1,5 @@ +# Cmnd alias specification +Cmnd_Alias PUPPETUPDATE = /usr/local/sbin/update-puppet-conf.sh + +# User privilege specification +gitolite ALL=(puppet) NOPASSWD:PUPPETUPDATE diff --git a/manifests/master/update.pp b/manifests/master/update.pp index f996f86..4c7a42c 100644 --- a/manifests/master/update.pp +++ b/manifests/master/update.pp @@ -44,6 +44,19 @@ class puppet::master::update( require => Exec['make-puppet-repo'], } + # sudo configuration for the post-update hook + file { '/etc/sudoers.d/puppet-update': + owner => root, + group => root, + mode => 0440, + ensure => $method ? { + 'cron' => $ensure, + default => present, + }, + source => "puppet:///modules/puppet/sudoers", + require => Package['sudo'], + } + # needed by the post-update hook above if !defined(Package['procmail']) { package { 'procmail': |