Tune sudo settings on server

We need to have passwordless sudo, and not require a tty. Change-Id: Iee11cade89a45b49d6b623f07d8ccb76f9e5882d Signed-Off-By: Yolanda Robla <yroblamo@redhat.com>
author: Yolanda Robla Mota <yroblamo@redhat.com> 2016-10-11 11:26:39 +0200
committer: Trevor Bramwell <tbramwell@linuxfoundation.org> 2017-08-11 12:56:12 -0700
commit: 9e434f6782a293991128f6de962a776c34c370b3 (patch)
tree: 9c461e3ad6bd324f089ac383094847bd17c23fd9
parent: 3526b9c5ce2ace442377464767d3ed93e0bd2fb5 (diff)
1 files changed, 15 insertions, 1 deletions
diff --git a/puppet-infracloud/modules/opnfv/manifests/server.pp b/puppet-infracloud/modules/opnfv/manifests/server.pp
index c4bff096..a1e7d5d0 100644
--- a/puppet-infracloud/modules/opnfv/manifests/server.pp
+++ b/puppet-infracloud/modules/opnfv/manifests/server.pp
@@ -224,6 +224,20 @@ class opnfv::server (
     }
   }
 
-  # add hosts entries
+  # ensure that we have non-pass sudo, and
+  # not require tty
+  file_line { 'sudo_rule_no_pw':
+    path => '/etc/sudoers',
+    line => '%wheel     ALL=(ALL)       NOPASSWD: ALL',
+  }
+  file_line { 'sudo_rule_notty':
+    path   => '/etc/sudoers',
+    line   => 'Defaults    requiretty',
+    match  => '.*requiretty.*',
+    match_for_absence => true,
+    ensure => absent,
+    multiple => true,
+  }
+
   create_resources('host', hiera_hash('hosts'))
 }
author	Yolanda Robla Mota <yroblamo@redhat.com>	2016-10-11 11:26:39 +0200
committer	Trevor Bramwell <tbramwell@linuxfoundation.org>	2017-08-11 12:56:12 -0700
commit	9e434f6782a293991128f6de962a776c34c370b3 (patch)
tree	9c461e3ad6bd324f089ac383094847bd17c23fd9
parent	3526b9c5ce2ace442377464767d3ed93e0bd2fb5 (diff)