[MediaWiki-commits] [Gerrit] Fix installation of sudo-ldap on labs instances. - change (operations/puppet)

Fri, 11 Dec 2015 06:23:30 -0800 

Andrew Bogott has submitted this change and it was merged.

Change subject: Fix installation of sudo-ldap on labs instances.
......................................................................


Fix installation of sudo-ldap on labs instances.

Historically this has been handled in the base image,
but now that I'm trying to apply labs classes on bare
metal this was causing trouble.

Bug: T120262
Change-Id: Id9e89ff92cb9c3292c6c49fd809179293c168e4f
---
M modules/sudo/manifests/init.pp
1 file changed, 24 insertions(+), 6 deletions(-)

Approvals:
  Andrew Bogott: Looks good to me, approved
  Rush: Looks good to me, but someone else must approve
  jenkins-bot: Verified



diff --git a/modules/sudo/manifests/init.pp b/modules/sudo/manifests/init.pp
index 7bf897e..a852727 100644
--- a/modules/sudo/manifests/init.pp
+++ b/modules/sudo/manifests/init.pp
@@ -1,12 +1,30 @@
 class sudo {
-    $package = $::realm ? {
-        'labs'  => 'sudo-ldap',
-        default => 'sudo',
+
+    if $::realm == labs {
+        $package = 'sudo-ldap'
+
+        # This hack is necessary because sudo-ldap can only be installed
+        #  if SUDO_FORCE_REMOVE is set.  Puppet doesn't allow passing
+        #  in an environment to a normal package resource.
+        exec {'install sudo-ldap':
+            command     => '/usr/bin/apt-get -q -y -o 
DPkg::Options::=--force-confold install sudo-ldap',
+            environment => 'SUDO_FORCE_REMOVE=yes',
+            onlyif      => '/usr/bin/apt-cache policy sudo-ldap | /bin/grep -q 
"Installed: (none)"',
+        }
+
+        package { $package:
+            ensure  => installed,
+            require => Exec['install sudo-ldap'],
+        }
+    } else {
+        $package = 'sudo'
+
+        package { $package:
+            ensure => installed,
+        }
     }
 
-    package { $package:
-        ensure => installed,
-    }
+
 
     file { '/etc/sudoers':
         ensure  => present,

-- 
To view, visit https://gerrit.wikimedia.org/r/258400
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Id9e89ff92cb9c3292c6c49fd809179293c168e4f
Gerrit-PatchSet: 6
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Andrew Bogott <abog...@wikimedia.org>
Gerrit-Reviewer: Andrew Bogott <abog...@wikimedia.org>
Gerrit-Reviewer: Rush <r...@wikimedia.org>
Gerrit-Reviewer: Tim Landscheidt <t...@tim-landscheidt.de>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to