Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sudoers validate #4794

Merged
merged 23 commits into from
Jun 21, 2022
Merged

Sudoers validate #4794

merged 23 commits into from
Jun 21, 2022

Conversation

JonEllis
Copy link
Contributor

@JonEllis JonEllis commented Jun 6, 2022

SUMMARY

Fixes #4745

Validates the proposed rule via visudo before creating the actual rule, so that any invalid rules will not continue to be saved to files.

This also sets the mode of the created files to 0440 as requested by sudo.

ISSUE TYPE
  • Feature Pull Request

@ansibullbot
Copy link
Collaborator

@JonEllis this PR contains the following merge commits:

Please rebase your branch to remove these commits.

click here for bot help

@ansibullbot ansibullbot added WIP Work in progress feature This issue/PR relates to a feature request merge_commit This PR contains at least one merge commit. Please resolve! module module needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html labels Jun 6, 2022
@ansibullbot

This comment was marked as outdated.

Sign in to view
@JonEllis
Copy link
Contributor Author

JonEllis commented Jun 6, 2022

On reflection, this should check the file permissions as a separate step, check and update them if necessary even if the file has the correct content.

@ansibullbot
Copy link
Collaborator

cc @JonEllis0
click here for bot help

@ansibullbot ansibullbot added integration tests/integration plugins plugin (any type) system tests tests and removed merge_commit This PR contains at least one merge commit. Please resolve! needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html labels Jun 6, 2022
@JonEllis
Copy link
Contributor Author

JonEllis commented Jun 7, 2022

How does this look to add visudo validation to sudoers files?

@JonEllis JonEllis marked this pull request as ready for review June 7, 2022 22:49
@ansibullbot ansibullbot removed the WIP Work in progress label Jun 7, 2022
felixfontein
felixfontein reviewed Jun 8, 2022
View reviewed changes
Copy link
Collaborator

@felixfontein felixfontein left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your contribution! Please add a changelog fragment.

plugins/modules/system/sudoers.py Outdated Show resolved Hide resolved
plugins/modules/system/sudoers.py Show resolved Hide resolved
This was referenced Nov 20, 2022
Closed
Merged
Closed
Closed
Closed
Closed
Merged
Merged
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Open
Closed
Closed
Closed
Closed
Closed
Closed
This was referenced Dec 1, 2022
Open
Closed
@renovate renovate bot mentioned this pull request Dec 14, 2022
Closed
1 task
@renovate renovate bot mentioned this pull request Jan 1, 2023
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felixfontein felixfontein felixfontein approved these changes

Assignees
No one assigned
Labels
feature This issue/PR relates to a feature request integration tests/integration merge_commit This PR contains at least one merge commit. Please resolve! module module needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html plugins plugin (any type) system tests tests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

community.general.sudoers should do a syntax check
3 participants
@JonEllis @ansibullbot @felixfontein