projects / mirror / dsa-puppet.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 167ea6c)
Create and own /etc/sudoers.d
authorPeter Palfrader <peter@palfrader.org>
Sun, 8 Sep 2019 13:57:14 +0000 (15:57 +0200)
committerPeter Palfrader <peter@palfrader.org>
Sun, 8 Sep 2019 13:57:14 +0000 (15:57 +0200)
modules/sudo/manifests/init.pp patch | blob | history

diff --git a/modules/sudo/manifests/init.pp b/modules/sudo/manifests/init.pp
index 67f66a5..6215b15 100644 (file)
--- a/modules/sudo/manifests/init.pp
+++ b/modules/sudo/manifests/init.pp
@@ -17,4 +17,24 @@ class sudo {
     source  => 'puppet:///modules/sudo/sudoers',
     require => Package['sudo'],
   }
+
+  file { '/etc/sudoers.d':
+    ensure  => directory,
+    mode    => '755',
+    purge   => true,
+    recurse => true,
+    force   => true,
+    source  => 'puppet:///files/empty/',
+  }
+  file { '/etc/sudoers.d/README':
+    mode    => '440',
+    content => @(EOT),
+      # According to the README shipped with Debian 10,
+      # this directory, if included in /etc/sudoers, needs
+      # to contain at least one file.  Files which end in
+      # a '~' character or that contain a '.' are ignored.
+      #
+      # Files should be mode 0440 and be edited with visudo.
+      | EOT
+  }
 }
Unnamed repository; edit this file 'description' to name the repository.