similar to: duplicate definition when inheriting classes

Hello, i was unable to modify the docs to ass for: http://www.reductivelabs.com/trac/puppet/wiki/LanguageStructures#Assignment the fact that you can call a variable ${<name>} in case of conflicting syntax and latter http://www.reductivelabs.com/trac/puppet/wiki/LanguageStructures#Conditionals to add the fact that the "if" coditionnal exist. Could it be added by someone who

Hello list, I took another stab at finding a way to add a sudo user remotely and it gets you most of the way there. If you execute the script as root it works beautifully and does just what you want. Which is add the user to the group and gives that user group rights to certain commands. But if you execute it as a user who only has sudo access to the /etc/sudoers file it errors out. cloud:~]

Hello everybody! How can i create with puppet following sudoers file: User_Alias CENTREON=apache,nagios CENTREON ALL = NOPASSWD: /etc/init.d/nagios* restart CENTREON ALL = NOPASSWD: /etc/init.d/nagios* reload CENTREON ALL = NOPASSWD: /usr/bin/nagios* -v * The problem that augeas create only last line, replacing previous one. -- You received this message because you are subscribed to

Hi all! I'm attempting to configure sudo rights from Samba ldap. Alas, libsssd_samba receives 0 rules and config doesn't work. I think I have the problem identified here but I don't understand why. The way sssd_sudo searches for sudoers leave all important attributes out and of course filtering then fails. Can you help me to understand why following search results are so different (and

Hi, I'm having hard time getting sssd_sudo to work: when sssd_sudo accesses Samba ldap with host principal 'dc1$@teemu.local' it can't read necessary attributes like objectclass: sudoRole. When accessing as Administrator all attributes are shown. How can I enable other users then Administrator to access sudoers' attributes? Below is an example. [root at dc1 var]# kinit

Hi I''m having some trouble with the following setup: node ''serverA'' inherits server-defaults { include myApp::install } node ''server-defaults'' inherits default { $sudoenv = ''custom_server'' } node default { $sudoenv = ''default'' include sudoers::config } class sudoers::config { file {

I am unable to get the #includedir function to work with sudo. This works just fine on all my CentOS 5.6 servers, but on 6 it is being ignored. I have this line in the file /etc/sudoers.d/zabbix-puppet zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet However sudo still requires a password. If I put that same line into /etc/sudoers file , there is no password prompt. At the end of my

Hi all! I''m trying to setup a puppet module for sudo that will write multiple files with separate data for each file, all dependent on the hiera hierarchy. Here''s the relevant portion of my hiera.yaml: > :hierarchy: > > - "datacenter/app/role/node/%{::clientcert}" > > - "datacenter/app/role/%{::server_role}" > > -

We have often the Problem that some files need to be checked for updates faster than the cycle of the puppet agent. I try to solve this with a script which tries to download the files directly from the fileserver of the puppetmaster. So far i couldn''t get it to work. I don''t know if i got the URL right, i did not find any examples on the REST API documentation for the

so I have this sudo module that I''ve been working on: class auth::sudo { package { sudo: ensure => installed } file { sudo_config: name => "/tmp/sudoers", owner => "root", group => "root", mode => 0440, notify => Exec["sudoers-syntax"], source => [

I followed the setup instructions from http://www.owlriver.com/tips/non-root/ (link from the Centos wiki). All this is done on another 'clean' system, so I have to read the terminal screen there and tell what went wrong here. I then followed my colleague's instructions to get the tar, untar, autogen, configure, and finally make rpm. Well it was that make rpm command that finally

I took your suggestion and turned my (ill advised) sudoers bash script into an expect script! It works a lot better this way and is more secure. Because I'm not trying to store a password in a script (which I recognize as a bad idea anyway, I I think I've learned my lesson here). It really works well. But the only thing I'm still trying to figure out is how to put a if statement in

I''ve just installed express b28 on my system. After installing, I decided to move /opt to a zfs pool home/opt. After installing Blastwave''s latest sudo, I did my usual edits of sudoers. When I attempted to execute sudo ls to test things I got this: rtfm:/opt/csw/etc:>sudo ls sudo: /opt/csw/etc/sudoers is owned by gid 1, should be 0 But /opt/csw/etc/sudoers permissions

Hello folks. I''ve got a problem that I can''t work out the solution to. My base workstation node definition says essentially: node base-workstation { file { etc-sudoers: name => "/etc/sudoers", ... } } This works fine, all of our workstations get a standardised sudoers file. However, I have one user on a workstation who needs a specialised sudoers file.

On Thu, 21 Apr 2016, John Gardeniers wrote: > Good news, I now have this working. Once I finish writing my notes I'll make > them available to whoever might want them. Good to hear. I tried to get his working by following some of the online docs and the sudoers docs, and never did get it to work. It'd be great if someone could put this up on the Samba wiki when it's

Hi, I have a DC on samba 4.17.12 I want store sudoers in LDAP, and use sssd for get rules from LDAP. I was configured sssd.conf [sssd] config_file_version = 2 services = nss, pam, sudo user = _sssd domains = TEST.ALT [nss] [sudo] [pam] [domain/TEST.TLD] dyndns_update = true id_provider = ad auth_provider = ad chpass_provider = ad access_provider = ad default_shell = /bin/bash

Hey Gordon, Sorry, man my bad! Disabling the tty requirement for my sudo user does indeed work. I had a type-o in the sudoers file, and when I corrected it, my sudo command via pssh started working! #pssh -i -h es_list "/bin/sudo /bin/systemctl restart elasticsearch; sleep 10" [1] 20:31:32 [SUCCESS] bluethundr at es3.jokefire.com Stderr: sudo: sorry, you must have a tty to run sudo

Hi there, Just started using Puppet since yesterday, so a totally newbie question. I tried to search the answer by myself but none of the suggestions actually worked. This is how my "modules" is laid: |-- modules | |-- mySudo | | |-- files | | | `-- sudoers | | `-- manifests | | `-- init.pp The file(s), that I want to send to the client machines, is in the

On Fri, 24 Nov 2023 13:30:13 +0500 Anton Shevtsov via samba <samba at lists.samba.org> wrote: > Hi, > > I have a DC on samba 4.17.12 > > I want store sudoers in LDAP, and use sssd for get rules from LDAP. > > I was configured sssd.conf > > [sssd] > config_file_version = 2 > services = nss, pam, sudo > user = _sssd > domains = TEST.ALT > >

# cat /proc/sys/kernel/ngroups_max 65536 # sysctl kernel.ngroups_max kernel.ngroups_max = 65536 Is there a way to change/look at AUTH_SYS? Seems I have 28 groups now as my user I tried created a test user with much less groups but it turns out it is on all those other groups. As such I tried winbind nested groups=no but this doesn't seem to change anything. On Tue, Dec 8, 2015 at 5:05