Repository: jclouds Updated Branches: refs/heads/1.9.x a585440e7 -> c6f2d8461
JCLOUDS-973 Extending the sudo's configuration - Adding env_reset to the default configuration in /etc/sudoers - Adding secure_path to the default configuration in /etc/sudoers - secure_path value is "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" Project: http://git-wip-us.apache.org/repos/asf/jclouds/repo Commit: http://git-wip-us.apache.org/repos/asf/jclouds/commit/c6f2d846 Tree: http://git-wip-us.apache.org/repos/asf/jclouds/tree/c6f2d846 Diff: http://git-wip-us.apache.org/repos/asf/jclouds/diff/c6f2d846 Branch: refs/heads/1.9.x Commit: c6f2d8461159c8dbde622a616b808166f26067a5 Parents: a585440 Author: Yavor Yanchev <[email protected]> Authored: Mon Jul 27 20:37:52 2015 +0300 Committer: Andrea Turli <[email protected]> Committed: Fri Oct 16 11:13:19 2015 +0200 ---------------------------------------------------------------------- compute/src/test/resources/initscript_with_java.sh | 2 ++ compute/src/test/resources/initscript_with_jetty.sh | 2 ++ compute/src/test/resources/runscript_adminUpdate.sh | 2 ++ .../org/jclouds/scriptbuilder/statements/login/Sudoers.java | 7 ++++++- .../scriptbuilder/statements/login/SudoStatementsTest.java | 2 ++ scriptbuilder/src/test/resources/test_adminaccess_flipped.sh | 2 ++ scriptbuilder/src/test/resources/test_adminaccess_params.sh | 2 ++ .../test/resources/test_adminaccess_params_and_fullname.sh | 2 ++ scriptbuilder/src/test/resources/test_adminaccess_standard.sh | 2 ++ 9 files changed, 22 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/jclouds/blob/c6f2d846/compute/src/test/resources/initscript_with_java.sh ---------------------------------------------------------------------- diff --git a/compute/src/test/resources/initscript_with_java.sh b/compute/src/test/resources/initscript_with_java.sh index f0b1480..0766e80 100644 --- a/compute/src/test/resources/initscript_with_java.sh +++ b/compute/src/test/resources/initscript_with_java.sh @@ -204,6 +204,8 @@ END_OF_JCLOUDS_SCRIPT rm -f $INSTANCE_HOME/rc trap 'echo $?>$INSTANCE_HOME/rc' 0 1 2 3 15 cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE' + Defaults env_reset + Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" root ALL = (ALL) ALL %wheel ALL = (ALL) NOPASSWD:ALL END_OF_JCLOUDS_FILE http://git-wip-us.apache.org/repos/asf/jclouds/blob/c6f2d846/compute/src/test/resources/initscript_with_jetty.sh ---------------------------------------------------------------------- diff --git a/compute/src/test/resources/initscript_with_jetty.sh b/compute/src/test/resources/initscript_with_jetty.sh index ce5a6f4..87ee905 100644 --- a/compute/src/test/resources/initscript_with_jetty.sh +++ b/compute/src/test/resources/initscript_with_jetty.sh @@ -204,6 +204,8 @@ END_OF_JCLOUDS_SCRIPT rm -f $INSTANCE_HOME/rc trap 'echo $?>$INSTANCE_HOME/rc' 0 1 2 3 15 cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE' + Defaults env_reset + Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" root ALL = (ALL) ALL %wheel ALL = (ALL) NOPASSWD:ALL END_OF_JCLOUDS_FILE http://git-wip-us.apache.org/repos/asf/jclouds/blob/c6f2d846/compute/src/test/resources/runscript_adminUpdate.sh ---------------------------------------------------------------------- diff --git a/compute/src/test/resources/runscript_adminUpdate.sh b/compute/src/test/resources/runscript_adminUpdate.sh index 8c4d7c5..d7ebedc 100644 --- a/compute/src/test/resources/runscript_adminUpdate.sh +++ b/compute/src/test/resources/runscript_adminUpdate.sh @@ -85,6 +85,8 @@ END_OF_JCLOUDS_SCRIPT rm -f $INSTANCE_HOME/rc trap 'echo $?>$INSTANCE_HOME/rc' 0 1 2 3 15 cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE' + Defaults env_reset + Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" root ALL = (ALL) ALL %wheel ALL = (ALL) NOPASSWD:ALL END_OF_JCLOUDS_FILE http://git-wip-us.apache.org/repos/asf/jclouds/blob/c6f2d846/scriptbuilder/src/main/java/org/jclouds/scriptbuilder/statements/login/Sudoers.java ---------------------------------------------------------------------- diff --git a/scriptbuilder/src/main/java/org/jclouds/scriptbuilder/statements/login/Sudoers.java b/scriptbuilder/src/main/java/org/jclouds/scriptbuilder/statements/login/Sudoers.java index 375d9c7..e4f200f 100644 --- a/scriptbuilder/src/main/java/org/jclouds/scriptbuilder/statements/login/Sudoers.java +++ b/scriptbuilder/src/main/java/org/jclouds/scriptbuilder/statements/login/Sudoers.java @@ -41,7 +41,12 @@ public class Sudoers implements Statement { if (family == OsFamily.WINDOWS) throw new UnsupportedOperationException("windows not yet implemented"); Builder<Statement> statements = ImmutableList.builder(); - statements.add(createOrOverwriteFile(sudoers, ImmutableSet.of("root ALL = (ALL) ALL", "%wheel ALL = (ALL) NOPASSWD:ALL"))); + statements.add(createOrOverwriteFile(sudoers, ImmutableSet.of( + "Defaults env_reset", + "Defaults secure_path=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"", + "root ALL = (ALL) ALL", + "%wheel ALL = (ALL) NOPASSWD:ALL")) + ); statements.add(exec("chmod 0440 " + sudoers)); return new StatementList(statements.build()).render(family); } http://git-wip-us.apache.org/repos/asf/jclouds/blob/c6f2d846/scriptbuilder/src/test/java/org/jclouds/scriptbuilder/statements/login/SudoStatementsTest.java ---------------------------------------------------------------------- diff --git a/scriptbuilder/src/test/java/org/jclouds/scriptbuilder/statements/login/SudoStatementsTest.java b/scriptbuilder/src/test/java/org/jclouds/scriptbuilder/statements/login/SudoStatementsTest.java index 38a7247..7254b82 100644 --- a/scriptbuilder/src/test/java/org/jclouds/scriptbuilder/statements/login/SudoStatementsTest.java +++ b/scriptbuilder/src/test/java/org/jclouds/scriptbuilder/statements/login/SudoStatementsTest.java @@ -28,6 +28,8 @@ public class SudoStatementsTest { assertEquals( SudoStatements.createWheel().render(OsFamily.UNIX), "cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE'\n" + + "\tDefaults env_reset\n" + + "\tDefaults secure_path=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\n" + "\troot ALL = (ALL) ALL\n" + "\t%wheel ALL = (ALL) NOPASSWD:ALL\n" + "END_OF_JCLOUDS_FILE\n" + http://git-wip-us.apache.org/repos/asf/jclouds/blob/c6f2d846/scriptbuilder/src/test/resources/test_adminaccess_flipped.sh ---------------------------------------------------------------------- diff --git a/scriptbuilder/src/test/resources/test_adminaccess_flipped.sh b/scriptbuilder/src/test/resources/test_adminaccess_flipped.sh index 7c7f9d8..5fec29a 100644 --- a/scriptbuilder/src/test/resources/test_adminaccess_flipped.sh +++ b/scriptbuilder/src/test/resources/test_adminaccess_flipped.sh @@ -1,5 +1,7 @@ rm /etc/sudoers cat >> /etc/sudoers <<'END_OF_FILE' +Defaults env_reset +Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" root ALL = (ALL) ALL %wheel ALL = (ALL) NOPASSWD:ALL END_OF_FILE http://git-wip-us.apache.org/repos/asf/jclouds/blob/c6f2d846/scriptbuilder/src/test/resources/test_adminaccess_params.sh ---------------------------------------------------------------------- diff --git a/scriptbuilder/src/test/resources/test_adminaccess_params.sh b/scriptbuilder/src/test/resources/test_adminaccess_params.sh index bdd99d1..61ef3ad 100644 --- a/scriptbuilder/src/test/resources/test_adminaccess_params.sh +++ b/scriptbuilder/src/test/resources/test_adminaccess_params.sh @@ -1,4 +1,6 @@ cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE' + Defaults env_reset + Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" root ALL = (ALL) ALL %wheel ALL = (ALL) NOPASSWD:ALL END_OF_JCLOUDS_FILE http://git-wip-us.apache.org/repos/asf/jclouds/blob/c6f2d846/scriptbuilder/src/test/resources/test_adminaccess_params_and_fullname.sh ---------------------------------------------------------------------- diff --git a/scriptbuilder/src/test/resources/test_adminaccess_params_and_fullname.sh b/scriptbuilder/src/test/resources/test_adminaccess_params_and_fullname.sh index aeec0ae..1481337 100644 --- a/scriptbuilder/src/test/resources/test_adminaccess_params_and_fullname.sh +++ b/scriptbuilder/src/test/resources/test_adminaccess_params_and_fullname.sh @@ -1,4 +1,6 @@ cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE' + Defaults env_reset + Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" root ALL = (ALL) ALL %wheel ALL = (ALL) NOPASSWD:ALL END_OF_JCLOUDS_FILE http://git-wip-us.apache.org/repos/asf/jclouds/blob/c6f2d846/scriptbuilder/src/test/resources/test_adminaccess_standard.sh ---------------------------------------------------------------------- diff --git a/scriptbuilder/src/test/resources/test_adminaccess_standard.sh b/scriptbuilder/src/test/resources/test_adminaccess_standard.sh index 7f2e3c0..25fca5f 100644 --- a/scriptbuilder/src/test/resources/test_adminaccess_standard.sh +++ b/scriptbuilder/src/test/resources/test_adminaccess_standard.sh @@ -1,4 +1,6 @@ cat > /etc/sudoers <<-'END_OF_JCLOUDS_FILE' + Defaults env_reset + Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" root ALL = (ALL) ALL %wheel ALL = (ALL) NOPASSWD:ALL END_OF_JCLOUDS_FILE
