So as I began working through sudo setups I found a unexpected problem I'm trying to find the *proper* way to correct the first time instead of having to hack code to make it work for now.
In particular we have multiple cases were the same Cmnd_alias is used with different settings. I know the correct way to fix it is to make sure there are no duplicated alias blocks in the sudoers file. What came to mind was to see if there was a way to use some *neato* Puppet magic to collect the name of each users::*user* class when sudo entries are defined. By the time the user's sudo blocks are defined there will be an array I can iterate through to build a list of all sudoers lines from all users::*user* classes to use with Puppet's stdlib to end up having only the unique settings in the users::*user*::*sudo_lines* variable / array remain to be fed to the sudo::conf function. This will ensure no duplicate blocks across /etc/sudoers and /etc/sudoers.d/* files. Can this even be done progamatically in Puppet given that it would be very difficult to ensure all user classes had run to build the big list of sudo lines. The goal here is for this to run pretty much automatically either via reading in a list of users via a paramater file and build it that way or something similar. Still being a Puppet coding newbie, I wanted to ask out to see if anyone has done something similar. Thanks! -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/31986796-0597-4f62-8d82-78ce952ca6e4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
