diff options
author | Tim Smith <tsmith@chef.io> | 2020-01-13 11:18:32 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-01-13 11:18:32 -0800 |
commit | ee57fef138668b3b5ccc612741b3fbf5553fabf2 (patch) | |
tree | db00658734241212a684dd3690b142a2fda01f9c | |
parent | 613d35edb450efb381b449ea4b29eb1ba53ed247 (diff) | |
parent | d42f2fe246ca95c81c38d446f6a97b5b5cf8c47d (diff) | |
download | chef-ee57fef138668b3b5ccc612741b3fbf5553fabf2.tar.gz |
Merge pull request #9186 from MsysTechnologiesllc/visudo_fix
Fixes for sudo resource fails on 2nd converge when Cmnd_Alias is used
-rw-r--r-- | lib/chef/resource/sudo.rb | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/lib/chef/resource/sudo.rb b/lib/chef/resource/sudo.rb index c045b1266b..3be06fa367 100644 --- a/lib/chef/resource/sudo.rb +++ b/lib/chef/resource/sudo.rb @@ -158,19 +158,20 @@ class Chef declare_resource(:directory, target) unless ::File.exist?(target) Chef::Log.warn("#{new_resource.filename} will be rendered, but will not take effect because the #{new_resource.config_prefix}/sudoers config lacks the includedir directive that loads configs from #{new_resource.config_prefix}/sudoers.d/!") if ::File.readlines("#{new_resource.config_prefix}/sudoers").grep(/includedir/).empty? + file_path = "#{target}#{new_resource.filename}" if new_resource.template logger.trace("Template property provided, all other properties ignored.") - declare_resource(:template, "#{target}#{new_resource.filename}") do + declare_resource(:template, file_path) do source new_resource.template mode "0440" variables new_resource.variables - verify "cat #{new_resource.config_prefix}/sudoers %{path} | #{new_resource.visudo_binary} -cf -" if visudo_present? + verify visudo_content(file_path) if visudo_present? action :create end else - declare_resource(:template, "#{target}#{new_resource.filename}") do + declare_resource(:template, file_path) do source ::File.expand_path("../support/sudoer.erb", __FILE__) local true mode "0440" @@ -185,7 +186,7 @@ class Chef setenv: new_resource.setenv, env_keep_add: new_resource.env_keep_add, env_keep_subtract: new_resource.env_keep_subtract - verify "cat #{new_resource.config_prefix}/sudoers %{path} | #{new_resource.visudo_binary} -cf -" if visudo_present? + verify visudo_content(file_path) if visudo_present? action :create end end @@ -225,6 +226,14 @@ class Chef Chef::Log.warn("The visudo binary cannot be found at '#{new_resource.visudo_binary}'. Skipping sudoer file validation. If visudo is on this system you can specify the path using the 'visudo_binary' property.") end + + def visudo_content(path) + if ::File.exists?(path) + "cat #{new_resource.config_prefix}/sudoers | #{new_resource.visudo_binary} -cf - && #{new_resource.visudo_binary} -cf %{path}" + else + "cat #{new_resource.config_prefix}/sudoers %{path} | #{new_resource.visudo_binary} -cf -" + end + end end end end |