From 9e434f6782a293991128f6de962a776c34c370b3 Mon Sep 17 00:00:00 2001 From: Yolanda Robla Mota Date: Tue, 11 Oct 2016 11:26:39 +0200 Subject: Tune sudo settings on server We need to have passwordless sudo, and not require a tty. Change-Id: Iee11cade89a45b49d6b623f07d8ccb76f9e5882d Signed-Off-By: Yolanda Robla --- puppet-infracloud/modules/opnfv/manifests/server.pp | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/puppet-infracloud/modules/opnfv/manifests/server.pp b/puppet-infracloud/modules/opnfv/manifests/server.pp index c4bff096..a1e7d5d0 100644 --- a/puppet-infracloud/modules/opnfv/manifests/server.pp +++ b/puppet-infracloud/modules/opnfv/manifests/server.pp @@ -224,6 +224,20 @@ class opnfv::server ( } } - # add hosts entries + # ensure that we have non-pass sudo, and + # not require tty + file_line { 'sudo_rule_no_pw': + path => '/etc/sudoers', + line => '%wheel ALL=(ALL) NOPASSWD: ALL', + } + file_line { 'sudo_rule_notty': + path => '/etc/sudoers', + line => 'Defaults requiretty', + match => '.*requiretty.*', + match_for_absence => true, + ensure => absent, + multiple => true, + } + create_resources('host', hiera_hash('hosts')) } -- cgit 1.2.3-korg