You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jclouds.apache.org by na...@apache.org on 2015/09/01 01:15:02 UTC
jclouds git commit: JCLOUDS-973 Extending the sudo's configuration
Repository: jclouds
Updated Branches:
refs/heads/master 496e27f1a -> d45f08e82
JCLOUDS-973 Extending the sudo's configuration
- Adding env_reset to the default configuration in /etc/sudoers
- Adding secure_path to the default configuration in /etc/sudoers
- secure_path value is
"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
Project: http://git-wip-us.apache.org/repos/asf/jclouds/repo
Commit: http://git-wip-us.apache.org/repos/asf/jclouds/commit/d45f08e8
Tree: http://git-wip-us.apache.org/repos/asf/jclouds/tree/d45f08e8
Diff: http://git-wip-us.apache.org/repos/asf/jclouds/diff/d45f08e8
Branch: refs/heads/master
Commit: d45f08e82ebd217fa5ebbb08b9e4859aaf7cf58a
Parents: 496e27f
Author: Yavor Yanchev <ya...@yanchev.com>
Authored: Mon Jul 27 20:37:52 2015 +0300
Committer: Ignasi Barrera <na...@apache.org>
Committed: Tue Sep 1 00:29:17 2015 +0200
----------------------------------------------------------------------
compute/src/test/resources/initscript_with_java.sh | 2 ++
compute/src/test/resources/initscript_with_jetty.sh | 2 ++
compute/src/test/resources/runscript_adminUpdate.sh | 2 ++
.../org/jclouds/scriptbuilder/statements/login/Sudoers.java | 7 ++++++-
.../scriptbuilder/statements/login/SudoStatementsTest.java | 2 ++
scriptbuilder/src/test/resources/test_adminaccess_flipped.sh | 2 ++
scriptbuilder/src/test/resources/test_adminaccess_params.sh | 2 ++
.../test/resources/test_adminaccess_params_and_fullname.sh | 2 ++
scriptbuilder/src/test/resources/test_adminaccess_standard.sh | 2 ++
9 files changed, 22 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/jclouds/blob/d45f08e8/compute/src/test/resources/initscript_with_java.sh
----------------------------------------------------------------------
diff --git a/compute/src/test/resources/initscript_with_java.sh b/compute/src/test/resources/initscript_with_java.sh
index f0b1480..0766e80 100644
--- a/compute/src/test/resources/initscript_with_java.sh
+++ b/compute/src/test/resources/initscript_with_java.sh
@@ -204,6 +204,8 @@ END_OF_JCLOUDS_SCRIPT
rm -f $INSTANCE_HOME/rc
trap 'echo $?>$INSTANCE_HOME/rc' 0 1 2 3 15
cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'
+ Defaults env_reset
+ Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL
END_OF_JCLOUDS_FILE
http://git-wip-us.apache.org/repos/asf/jclouds/blob/d45f08e8/compute/src/test/resources/initscript_with_jetty.sh
----------------------------------------------------------------------
diff --git a/compute/src/test/resources/initscript_with_jetty.sh b/compute/src/test/resources/initscript_with_jetty.sh
index ce5a6f4..87ee905 100644
--- a/compute/src/test/resources/initscript_with_jetty.sh
+++ b/compute/src/test/resources/initscript_with_jetty.sh
@@ -204,6 +204,8 @@ END_OF_JCLOUDS_SCRIPT
rm -f $INSTANCE_HOME/rc
trap 'echo $?>$INSTANCE_HOME/rc' 0 1 2 3 15
cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'
+ Defaults env_reset
+ Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL
END_OF_JCLOUDS_FILE
http://git-wip-us.apache.org/repos/asf/jclouds/blob/d45f08e8/compute/src/test/resources/runscript_adminUpdate.sh
----------------------------------------------------------------------
diff --git a/compute/src/test/resources/runscript_adminUpdate.sh b/compute/src/test/resources/runscript_adminUpdate.sh
index 8c4d7c5..d7ebedc 100644
--- a/compute/src/test/resources/runscript_adminUpdate.sh
+++ b/compute/src/test/resources/runscript_adminUpdate.sh
@@ -85,6 +85,8 @@ END_OF_JCLOUDS_SCRIPT
rm -f $INSTANCE_HOME/rc
trap 'echo $?>$INSTANCE_HOME/rc' 0 1 2 3 15
cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'
+ Defaults env_reset
+ Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL
END_OF_JCLOUDS_FILE
http://git-wip-us.apache.org/repos/asf/jclouds/blob/d45f08e8/scriptbuilder/src/main/java/org/jclouds/scriptbuilder/statements/login/Sudoers.java
----------------------------------------------------------------------
diff --git a/scriptbuilder/src/main/java/org/jclouds/scriptbuilder/statements/login/Sudoers.java b/scriptbuilder/src/main/java/org/jclouds/scriptbuilder/statements/login/Sudoers.java
index 375d9c7..e4f200f 100644
--- a/scriptbuilder/src/main/java/org/jclouds/scriptbuilder/statements/login/Sudoers.java
+++ b/scriptbuilder/src/main/java/org/jclouds/scriptbuilder/statements/login/Sudoers.java
@@ -41,7 +41,12 @@ public class Sudoers implements Statement {
if (family == OsFamily.WINDOWS)
throw new UnsupportedOperationException("windows not yet implemented");
Builder<Statement> statements = ImmutableList.builder();
- statements.add(createOrOverwriteFile(sudoers, ImmutableSet.of("root ALL = (ALL) ALL", "%wheel ALL = (ALL) NOPASSWD:ALL")));
+ statements.add(createOrOverwriteFile(sudoers, ImmutableSet.of(
+ "Defaults env_reset",
+ "Defaults secure_path=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"",
+ "root ALL = (ALL) ALL",
+ "%wheel ALL = (ALL) NOPASSWD:ALL"))
+ );
statements.add(exec("chmod 0440 " + sudoers));
return new StatementList(statements.build()).render(family);
}
http://git-wip-us.apache.org/repos/asf/jclouds/blob/d45f08e8/scriptbuilder/src/test/java/org/jclouds/scriptbuilder/statements/login/SudoStatementsTest.java
----------------------------------------------------------------------
diff --git a/scriptbuilder/src/test/java/org/jclouds/scriptbuilder/statements/login/SudoStatementsTest.java b/scriptbuilder/src/test/java/org/jclouds/scriptbuilder/statements/login/SudoStatementsTest.java
index 38a7247..7254b82 100644
--- a/scriptbuilder/src/test/java/org/jclouds/scriptbuilder/statements/login/SudoStatementsTest.java
+++ b/scriptbuilder/src/test/java/org/jclouds/scriptbuilder/statements/login/SudoStatementsTest.java
@@ -28,6 +28,8 @@ public class SudoStatementsTest {
assertEquals(
SudoStatements.createWheel().render(OsFamily.UNIX),
"cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'\n" +
+ "\tDefaults env_reset\n" +
+ "\tDefaults secure_path=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\n" +
"\troot ALL = (ALL) ALL\n" +
"\t%wheel ALL = (ALL) NOPASSWD:ALL\n" +
"END_OF_JCLOUDS_FILE\n" +
http://git-wip-us.apache.org/repos/asf/jclouds/blob/d45f08e8/scriptbuilder/src/test/resources/test_adminaccess_flipped.sh
----------------------------------------------------------------------
diff --git a/scriptbuilder/src/test/resources/test_adminaccess_flipped.sh b/scriptbuilder/src/test/resources/test_adminaccess_flipped.sh
index 7c7f9d8..5fec29a 100644
--- a/scriptbuilder/src/test/resources/test_adminaccess_flipped.sh
+++ b/scriptbuilder/src/test/resources/test_adminaccess_flipped.sh
@@ -1,5 +1,7 @@
rm /etc/sudoers
cat >> /etc/sudoers <<'END_OF_FILE'
+Defaults env_reset
+Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL
END_OF_FILE
http://git-wip-us.apache.org/repos/asf/jclouds/blob/d45f08e8/scriptbuilder/src/test/resources/test_adminaccess_params.sh
----------------------------------------------------------------------
diff --git a/scriptbuilder/src/test/resources/test_adminaccess_params.sh b/scriptbuilder/src/test/resources/test_adminaccess_params.sh
index bdd99d1..61ef3ad 100644
--- a/scriptbuilder/src/test/resources/test_adminaccess_params.sh
+++ b/scriptbuilder/src/test/resources/test_adminaccess_params.sh
@@ -1,4 +1,6 @@
cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'
+ Defaults env_reset
+ Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL
END_OF_JCLOUDS_FILE
http://git-wip-us.apache.org/repos/asf/jclouds/blob/d45f08e8/scriptbuilder/src/test/resources/test_adminaccess_params_and_fullname.sh
----------------------------------------------------------------------
diff --git a/scriptbuilder/src/test/resources/test_adminaccess_params_and_fullname.sh b/scriptbuilder/src/test/resources/test_adminaccess_params_and_fullname.sh
index aeec0ae..1481337 100644
--- a/scriptbuilder/src/test/resources/test_adminaccess_params_and_fullname.sh
+++ b/scriptbuilder/src/test/resources/test_adminaccess_params_and_fullname.sh
@@ -1,4 +1,6 @@
cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'
+ Defaults env_reset
+ Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL
END_OF_JCLOUDS_FILE
http://git-wip-us.apache.org/repos/asf/jclouds/blob/d45f08e8/scriptbuilder/src/test/resources/test_adminaccess_standard.sh
----------------------------------------------------------------------
diff --git a/scriptbuilder/src/test/resources/test_adminaccess_standard.sh b/scriptbuilder/src/test/resources/test_adminaccess_standard.sh
index 7f2e3c0..25fca5f 100644
--- a/scriptbuilder/src/test/resources/test_adminaccess_standard.sh
+++ b/scriptbuilder/src/test/resources/test_adminaccess_standard.sh
@@ -1,4 +1,6 @@
cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'
+ Defaults env_reset
+ Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL
END_OF_JCLOUDS_FILE