Linaro

Merge lp:~tom-gall/linaro/fix-728674-live-helper.config.natty.alip into lp:~linaro-maintainers/linaro/live-helper.config.natty.alip

  1. fix-728674-live-helper.config.natty.alip
  2. Merge into live-helper.config.natty.alip
Proposed by Tom Gall
Status: Merged
Merged at revision: 62
Proposed branch: lp:~tom-gall/linaro/fix-728674-live-helper.config.natty.alip
Merge into: lp:~linaro-maintainers/linaro/live-helper.config.natty.alip
Diff against target: 24 lines (+11/-2)
1 file modified
chroot_local-hooks/03-check_sudoers_for_admin.sh (+11/-2)
To merge this branch: bzr merge lp:~tom-gall/linaro/fix-728674-live-helper.config.natty.alip
Reviewer Review Type Date Requested Status
Tom Gall Pending
Linaro Maintainers Pending
Review via email: mp+52359@code.launchpad.net

This proposal supersedes a proposal from 2011-03-06.

Description of the change

Adjust chroot_local-hooks/03-check_sudoers_for_admin.sh to add "%admin ALL = (ALL) NOPASSWD: ALL" to sudoers when it is not yet included in the file. The linaro account is in the admin group so this will make sudo passwordless for linaro just fixing the bug.

Further this script also uses sed to blindly change the %admin line in sudoers which will address the case IF we did not put it there. It does also just redo the change we just did if we are the origin of the %admin line in sudos. BFHD.

To post a comment you must log in.
Revision history for this message
Steve Langasek (vorlon) wrote : Posted in a previous version of this proposal

On Sun, Mar 06, 2011 at 08:01:40PM -0000, Tom Gall wrote:
> echo "# Members of the admin group may gain root privileges" >> /etc/sudoers
> - echo "%admin ALL=(ALL) ALL" >> /etc/sudoers
> + echo "%admin ALL = NOPASSWD: ALL" >> /etc/sudoers
> fi

This drops the (ALL) from the existing line. Any reason not to make this

  %admin ALL=(ALL) NOPASSWD: ALL

and keep the runas part here for consistency?

Revision history for this message
Tom Gall (tom-gall) wrote : Posted in a previous version of this proposal

Good Point. I agree.

review: Needs Fixing

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'chroot_local-hooks/03-check_sudoers_for_admin.sh'
2--- chroot_local-hooks/03-check_sudoers_for_admin.sh 2010-09-27 10:28:19 +0000
3+++ chroot_local-hooks/03-check_sudoers_for_admin.sh 2011-03-07 03:14:53 +0000
4@@ -2,9 +2,18 @@
5
6 # check to make sure sudoers file has ref for admin
7 ADMINEXISTS="$(awk '$1 == "%admin" { print $1 }' /etc/sudoers)"
8-if [ "%admin" != "$ADMINEXISTS" ]; then
9+if [ -z "$ADMINEXISTS" ]; then
10 # append admin entry to sudoers
11 echo "# Members of the admin group may gain root privileges" >> /etc/sudoers
12- echo "%admin ALL=(ALL) ALL" >> /etc/sudoers
13+ echo "%admin ALL = (ALL) NOPASSWD: ALL" >> /etc/sudoers
14 fi
15
16+# make sure that NOPASWD is set for %admin
17+# expecially in the case that we didn't add it to /etc/sudoers
18+# just blow the %admin ine away and force it to be NOPASSWD
19+sed -e '
20+/\%admin/ c \
21+%admin ALL = (ALL) NOPASSWD: ALL
22+' < /etc/sudoers > /etc/sudoers.tmp
23+mv /etc/sudoers.tmp /etc/sudoers
24+

Subscribers

People subscribed via source and target branches

to all changes: