Skip to content

Defaults options #37

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
tobiicerb wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Defaults options #37

tobiicerb wants to merge 3 commits into from

Conversation

@tobiicerb
Copy link

@tobiicerb tobiicerb commented Jan 5, 2022

Added additional default options, according to the manpage. This is useful after adding cmnd_aliases and runas_aliases which is the reason why this requests includes the Alias configuration.

Those are the options according to the manpage:

Default_Type ::= 'Defaults' |
           'Defaults' '@' Host_List |
           'Defaults' ':' User_List |
           'Defaults' '!' Cmnd_List |
           'Defaults' '>' Runas_List

Which looks like this in a rule definition:

Defaults!PAGER noexec
Defaults>root !set_logname

To achieve this I added another attribute to the sudo_defaults dictionary named type, which defaults to user so that it stays compatible with older definitions.

- name: 'user1'
  defaults: 'requiretty'
  #type: user
- name: PAGER
  defaults: noexec
  type: cmnd
- name: root
  defaults: '!set_logname'
  type: runas

@tobiicerb
Added Alias configuration
e5f2dc4 
User_Alias, Runas_Alias and Cmnd_Alias configuration is included.
Host_Alias is not included as it is no problem to have a host specific sudoer configuration via ansible.
@tobiicerb
Added additional Default configuration options
692afb7 
This is according to the sudoers manpage.
Default_Type ::= 'Defaults' |
           'Defaults' '@' Host_List |
           'Defaults' ':' User_List |
           'Defaults' '!' Cmnd_List |
           'Defaults' '>' Runas_List
Host_List is not available as I see no need for this configuration option if we make use of ansible.
The default if is a user list if name is defined, otherwise it is changed according to type which can be user, cmnd or runas.
@tobiicerb tobiicerb mentioned this pull request Jan 10, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tobiicerb