mac01
2012-May-31 13:52 UTC
[Puppet Users] How do puppet transform group with username in /etc/sudoers file
Hi, How can I transform group in sudoers file where users are added as "%admin ALL=(ALL) ALL" with individual user name which should fetch username from my database ? Thanks mac -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/J3FfmsoLfpQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Steve Singer
2012-May-31 15:27 UTC
Re: [Puppet Users] How do puppet transform group with username in /etc/sudoers file
On 12-05-31 09:52 AM, mac01 wrote:> > Hi, > > How can I transform group in sudoers file where users are added as > "%admin ALL=(ALL) ALL" with individual user name which should fetch > username from my database ? >In the template that generates your sudoers file you could call a custom function (that you would need to write) which queries your database to get the username. See the section on calling custom functions from templates in http://docs.puppetlabs.com/guides/custom_functions.html> Thanks > mac > -- > You received this message because you are subscribed to the Google > Groups "Puppet Users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/puppet-users/-/J3FfmsoLfpQJ. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
mac01
2012-Jun-01 14:51 UTC
[Puppet Users] Re: How do puppet transform group with username in /etc/sudoers file
Hi, How to write custom facts for sudoers files where the data or username need to be fetch from a file for the owner of the system like, I want to replace %admin ALL=(ALL) ALL with username ALL=(ALL) ALL but from a file for the systems owner only so that no one can login to others system. Thanks mac On Thursday, 31 May 2012 19:22:05 UTC+5:30, mac01 wrote:> > > Hi, > > How can I transform group in sudoers file where users are added as "%admin > ALL=(ALL) ALL" with individual user name which should fetch username from > my database ? > > Thanks > mac >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/WwgO-07ou7MJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Jeff McCune
2012-Jun-02 18:22 UTC
Re: [Puppet Users] How do puppet transform group with username in /etc/sudoers file
On Thursday, May 31, 2012 at 6:52 AM, mac01 wrote:> > Hi, > > How can I transform group in sudoers file where users are added as "%admin ALL=(ALL) ALL" with individual user name which should fetch username from my database ?I''m not quite clear on the question you''re asking. The most common way is to make sure the users who need super user access are a member of the admin group. You can use the user resource in Puppet to manage group membership. Another approach is to use LDAP to centralize user and group information. -Jeff -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Matt
2012-Jun-05 02:32 UTC
[Puppet Users] Re: How do puppet transform group with username in /etc/sudoers file
There is a trick I use on my infrastructure, it is around having an include dir for sudoers. You can write a custom function to retrieve the data from the database and return it as a hash. You would need to do a define if you want to define each user sudo permissions as a individual resource. Alternatively you could also use an erb and loop through the hash. On Thursday, May 31, 2012 9:52:05 AM UTC-4, mac01 wrote:> > > Hi, > > How can I transform group in sudoers file where users are added as "%admin > ALL=(ALL) ALL" with individual user name which should fetch username from > my database ? > > Thanks > mac >On Thursday, May 31, 2012 9:52:05 AM UTC-4, mac01 wrote:> > > Hi, > > How can I transform group in sudoers file where users are added as "%admin > ALL=(ALL) ALL" with individual user name which should fetch username from > my database ? > > Thanks > mac >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/pAdSaQ_CofAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.