Merge lp:~harlowja/cloud-init/ensure-sudo-dir-ready into lp:~cloud-init-dev/cloud-init/trunk

Proposed by Joshua Harlow
Status: Merged
Merged at revision: 691
Proposed branch: lp:~harlowja/cloud-init/ensure-sudo-dir-ready
Merge into: lp:~cloud-init-dev/cloud-init/trunk
Diff against target: 63 lines (+35/-2)
1 file modified
cloudinit/distros/__init__.py (+35/-2)
To merge this branch: bzr merge lp:~harlowja/cloud-init/ensure-sudo-dir-ready
Reviewer Review Type Date Requested Status
cloud-init Commiters Pending
677. By Joshua Harlow

Dir should be 0755, not 0440

678. By Joshua Harlow

Update the log statement used here to be
a little more relevant.

679. By Joshua Harlow

Ensure that the include dir starts the line
and is not a part of a comment or other
part of the line.

Scott Moser (smoser) wrote :

Only comment here is that we should log.warn if we're modifying /etc/sudoers

Preview Diff

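--- a/cloudinit/distros/__init__.py
+++ b/cloudinit/distros/__init__.py
@@ -251,7 +251,7 @@
 if util.is_user(name):
 LOG.warn("User %s already exists, skipping." % name)
 else:
-LOG.debug("Creating name %s" % name)
+LOG.debug("Adding user named %s", name)
 try:
 util.subp(adduser_cmd, logstring=x_adduser_cmd)
 except Exception as e:
@@ -299,6 +299,38 @@
 
 return True
 
+def ensure_sudo_dir(self, path, sudo_base='/etc/sudoers'):
+# Ensure the dir is included and that
+# it actually exists as a directory
+sudoers_contents = ''
+if os.path.exists(sudo_base):
+sudoers_contents = util.load_file(sudo_base)
+found_include = False
+for line in sudoers_contents.splitlines():
+line = line.strip()
+include_match = re.search(r"^#includedir\s+(.*)$", line)
+if not include_match:
+continue
+included_dir = include_match.group(1).strip()
+if not included_dir:
+continue
+included_dir = os.path.abspath(included_dir)
+if included_dir == path:
+found_include = True
+break
+if not found_include:
+sudoers_contents += "\n#includedir %s\n" % (path)
+try:
+if not os.path.exists(sudo_base):
+util.write_file(sudo_base, sudoers_contents, 0440)
+else:
+with open(sudo_base, 'a') as f:
+f.write(sudoers_contents)
+except IOError as e:
+util.logexc(LOG, "Failed to write %s" % sudo_base, e)
+raise e
+util.ensure_dir(path, 0755)
+
 def write_sudo_rules(self,
 user,
 rules,
@@ -314,9 +346,10 @@
 content += "%s %s\n" % (user, rule)
 content += "\n"
 
+self.ensure_sudo_dir(os.path.dirname(sudo_file))
+
 if not os.path.exists(sudo_file):
 util.write_file(sudo_file, content, 0440)
-
 else:
 try:
 with open(sudo_file, 'a') as f: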
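Review bot: In `ensure_sudo_dir`, when `/etc/sudoers` exists but lacks the include, the `else` branch opens it with `'a'` and writes `sudoers_contents`, which at that point holds the whole file as loaded plus the new `#includedir` line, so the existing sudoers content is appended to itself. Append only the new directive: build it separately, e.g. `include_line = "\n#includedir %s\n" % path`, and use `f.write(include_line)` in the append branch. The page has lost indentation, so whether the `try` is nested under `if not found_include:` is inferred; if it is not, the duplication happens on every call. Because a syntax error in sudoers disables sudo for everyone, consider writing to a temporary file, checking it with `visudo -c -f`, and renaming it into place rather than appending in place. Also note that only `included_dir` is passed through `os.path.abspath`, so a `path` given with a trailing slash would never match and the directive would be re-added each run.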