Apache
/
jclouds
mirror of https://github.com/apache/jclouds.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

JCLOUDS-973 Extending the sudo's configuration 

- Adding env_reset to the default configuration in /etc/sudoers
- Adding secure_path to the default configuration in /etc/sudoers
- secure_path value is
"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
This commit is contained in:
Yavor Yanchev 2015-07-27 20:37:52 +03:00 committed by Ignasi Barrera
parent 496e27f1af
commit d45f08e82e
9 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
compute/src/test/resources/initscript_with_java.sh
View File

@ -204,6 +204,8 @@ END_OF_JCLOUDS_SCRIPT
rm -f $INSTANCE_HOME/rc rm -f $INSTANCE_HOME/rc
trap 'echo $?>$INSTANCE_HOME/rc' 0 1 2 3 15 trap 'echo $?>$INSTANCE_HOME/rc' 0 1 2 3 15
cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE' cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'
Defaults env_reset
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL %wheel ALL = (ALL) NOPASSWD:ALL
END_OF_JCLOUDS_FILE END_OF_JCLOUDS_FILE

2
compute/src/test/resources/initscript_with_jetty.sh
View File

@ -204,6 +204,8 @@ END_OF_JCLOUDS_SCRIPT
rm -f $INSTANCE_HOME/rc rm -f $INSTANCE_HOME/rc
trap 'echo $?>$INSTANCE_HOME/rc' 0 1 2 3 15 trap 'echo $?>$INSTANCE_HOME/rc' 0 1 2 3 15
cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE' cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'
Defaults env_reset
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL %wheel ALL = (ALL) NOPASSWD:ALL
END_OF_JCLOUDS_FILE END_OF_JCLOUDS_FILE

2
compute/src/test/resources/runscript_adminUpdate.sh
View File

@ -85,6 +85,8 @@ END_OF_JCLOUDS_SCRIPT
rm -f $INSTANCE_HOME/rc rm -f $INSTANCE_HOME/rc
trap 'echo $?>$INSTANCE_HOME/rc' 0 1 2 3 15 trap 'echo $?>$INSTANCE_HOME/rc' 0 1 2 3 15
cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE' cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'
Defaults env_reset
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL %wheel ALL = (ALL) NOPASSWD:ALL
END_OF_JCLOUDS_FILE END_OF_JCLOUDS_FILE

7
scriptbuilder/src/main/java/org/jclouds/scriptbuilder/statements/login/Sudoers.java
View File

@ -41,7 +41,12 @@ public class Sudoers implements Statement {
if (family == OsFamily.WINDOWS) if (family == OsFamily.WINDOWS)
throw new UnsupportedOperationException("windows not yet implemented"); throw new UnsupportedOperationException("windows not yet implemented");
Builder<Statement> statements = ImmutableList.builder(); Builder<Statement> statements = ImmutableList.builder();
statements.add(createOrOverwriteFile(sudoers, ImmutableSet.of("root ALL = (ALL) ALL", "%wheel ALL = (ALL) NOPASSWD:ALL"))); statements.add(createOrOverwriteFile(sudoers, ImmutableSet.of(
"Defaults env_reset",
"Defaults secure_path=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"",
"root ALL = (ALL) ALL",
"%wheel ALL = (ALL) NOPASSWD:ALL"))
);
statements.add(exec("chmod 0440 " + sudoers)); statements.add(exec("chmod 0440 " + sudoers));
return new StatementList(statements.build()).render(family); return new StatementList(statements.build()).render(family);
} }

2
scriptbuilder/src/test/java/org/jclouds/scriptbuilder/statements/login/SudoStatementsTest.java
View File

@ -28,6 +28,8 @@ public class SudoStatementsTest {
assertEquals( assertEquals(
SudoStatements.createWheel().render(OsFamily.UNIX), SudoStatements.createWheel().render(OsFamily.UNIX),
"cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'\n" + "cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'\n" +
"\tDefaults env_reset\n" +
"\tDefaults secure_path=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\n" +
"\troot ALL = (ALL) ALL\n" + "\troot ALL = (ALL) ALL\n" +
"\t%wheel ALL = (ALL) NOPASSWD:ALL\n" + "\t%wheel ALL = (ALL) NOPASSWD:ALL\n" +
"END_OF_JCLOUDS_FILE\n" + "END_OF_JCLOUDS_FILE\n" +

2
scriptbuilder/src/test/resources/test_adminaccess_flipped.sh
View File

@ -1,5 +1,7 @@
rm /etc/sudoers rm /etc/sudoers
cat >> /etc/sudoers <<'END_OF_FILE' cat >> /etc/sudoers <<'END_OF_FILE'
Defaults env_reset
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL %wheel ALL = (ALL) NOPASSWD:ALL
END_OF_FILE END_OF_FILE

2
scriptbuilder/src/test/resources/test_adminaccess_params.sh
View File

@ -1,4 +1,6 @@
cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE' cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'
Defaults env_reset
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL %wheel ALL = (ALL) NOPASSWD:ALL
END_OF_JCLOUDS_FILE END_OF_JCLOUDS_FILE

2
scriptbuilder/src/test/resources/test_adminaccess_params_and_fullname.sh
View File

@ -1,4 +1,6 @@
cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE' cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'
Defaults env_reset
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL %wheel ALL = (ALL) NOPASSWD:ALL
END_OF_JCLOUDS_FILE END_OF_JCLOUDS_FILE

2
scriptbuilder/src/test/resources/test_adminaccess_standard.sh
View File

@ -1,4 +1,6 @@
cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE' cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'
Defaults env_reset
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL %wheel ALL = (ALL) NOPASSWD:ALL
END_OF_JCLOUDS_FILE END_OF_JCLOUDS_FILE