3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
# File 'manifests/sudoers.pp', line 3
class boxen::sudoers {
$boxen_commands = [
'/bin/mkdir -p /tmp/puppet',
"/bin/mkdir -p ${::boxen_home}",
"/usr/sbin/chown ${::boxen_user}\\:staff ${::boxen_home}",
"${boxen::config::repodir}/bin/puppet",
'/bin/rm -f /tmp/boxen.log'
]
$launchctl_commands = [
'/bin/launchctl load',
'/bin/launchctl unload'
]
sudoers::allowed_command{ 'boxen_repo':
command => join($boxen_commands, ','),
user => $::boxen_user,
require_password => false,
comment => 'Allows boxen user to manipulate boxen and puppet',
require_exist => false
}
sudoers::allowed_command{ 'boxen_launchct':
command => join($launchctl_commands, ','),
user => $::boxen_user,
require_password => false,
comment => 'Allow boxen user to control services',
require_exist => false
}
}
|