safely add files to /etc/sudoers.d/

2012-10-09 10:01:09 -04:00 · 2012-10-09 10:01:09 -04:00 · 2e2e94ddef
parent 2cc210c520
commit 2e2e94ddef
2 changed files with 47 additions and 0 deletions
--- a/shared/lib/puppet/provider/sudoers_d/install.rb
+++ b/shared/lib/puppet/provider/sudoers_d/install.rb
@ -0,0 +1,33 @@
+require 'pathname'
+
+Puppet::Type.type(:sudoers_d).provide(:install) do
+  desc "Install a sudoers.d file"
+
+  def create
+    temp_target.open('w') { |fh| fh.puts content }
+    temp_target.chmod 0440
+    temp_target.rename(target)
+  end
+
+  def destroy
+    target.unlink
+  end
+
+  def exists?
+    target.file? and target.read == content
+  end
+
+  private
+  def target
+    @target ||= Pathname("/etc/sudoers.d/#{@resource[:name]}")
+  end
+
+  def temp_target
+    @temp_target ||= Pathname("/tmp/sudoers.d-#{@resource[:name]}-#{Time.now.to_f}")
+  end
+
+  def content
+    @resource[:content]
+  end
+end
+
--- a/shared/lib/puppet/type/sudoers_d.rb
+++ b/shared/lib/puppet/type/sudoers_d.rb
@ -0,0 +1,14 @@
+Puppet::Type.newtype(:sudoers_d) do
+  @doc = "Add a file to /etc/sudoers.d"
+
+  ensurable
+
+  newparam(:name) do
+    desc "The file to create"
+  end
+
+  newparam(:content) do
+    desc "The content of the file"
+  end
+end
+