nuageinit: add support for sudo

This commit is contained in:
Baptiste Daroussin
2025-06-15 17:18:32 +02:00
parent 78f12afc38
commit 6a54f886be
3 changed files with 43 additions and 1 deletions
+38 -1
View File
@@ -228,6 +228,42 @@ local function addsshkey(homedir, key)
end
end
local function addsudo(pwd)
local chmodsudoersd = false
local chmodsudoers = false
local root = os.getenv("NUAGE_FAKE_ROOTDIR")
local sudoers_dir = "/usr/local/etc/sudoers.d"
if root then
sudoers_dir= root .. sudoers_dir
end
local sudoers = sudoers_dir .. "/90-nuageinit-users"
local sudoers_attr = lfs.attributes(sudoers)
if sudoers_attr == nil then
chmodsudoers = true
local dirattrs = lfs.attributes(sudoers_dir)
if dirattrs == nil then
local r, err = mkdir_p(sudoers_dir)
if not r then
return nil, err .. " (creating " .. sudoers_dir .. ")"
end
chmodsudoersd = true
end
end
local f = io.open(sudoers, "a")
if not f then
warnmsg("impossible to open " .. sudoers)
return
end
f:write(pwd.name .. " " .. pwd.sudo .. "\n")
f:close()
if chmodsudoers then
sys_stat.chmod(sudoers, 416)
end
if chmodsudoersd then
sys_stat.chmod(sudoers, 480)
end
end
local function update_sshd_config(key, value)
local sshd_config = "/etc/ssh/sshd_config"
local root = os.getenv("NUAGE_FAKE_ROOTDIR")
@@ -419,7 +455,8 @@ local n = {
pkg_bootstrap = pkg_bootstrap,
install_package = install_package,
update_packages = update_packages,
upgrade_packages = upgrade_packages
upgrade_packages = upgrade_packages,
addsudo = addsudo
}
return n
+3
View File
@@ -290,6 +290,9 @@ if line == "#cloud-config" then
nuage.addsshkey(homedir, v)
end
end
if u.sudo then
nuage.addsudo(u)
end
else
nuage.warn("invalid type : " .. type(u) .. " for users entry number " .. n)
end
+2
View File
@@ -117,6 +117,7 @@ users:
- name: foobar
gecos: Foo B. Bar
primary_group: foobar
sudo: ALL=(ALL) NOPASSWD:ALL
groups: users
passwd: $6$j212wezy$7H/1LT4f9/N3wpgNunhsIqtMj62OKiS3nyNwuizouQc3u7MbYCarYeAHWYPYb2FT.lbioDm2RrkJPb9BZMN1O/
EOF
@@ -138,6 +139,7 @@ EOF
sed -i "" "s/freebsd:.*:1001/freebsd:freebsd:1001/" "${PWD}"/etc/master.passwd
atf_check -o file:expectedpasswd cat "${PWD}"/etc/master.passwd
atf_check -o file:expectedgroup cat "${PWD}"/etc/group
atf_check -o inline:"foobar ALL=(ALL) NOPASSWD:ALL\n" cat ${PWD}/usr/local/etc/sudoers.d/90-nuageinit-users
}
nocloud_network_head()