-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Inline...
On 03/25/2010 04:09 AM, Dan Bode wrote: <snip/> > > I can also imagine use cases where this would be too limiting. If two > classes wanted to specify the same Cmnd_Alias for two different users > sets (is this use case perhaps less valid that I think it is?). I don't think this is a problem. Each Cmnd_Alias should be unique. It's just an arbitrary string, so people shouldn't have a problem adding some other arbitrary string to the end to make it unique. > > I am not sure if I want to create limitations on how sudoers files can > be created. I think I would rather allow for flexibility and just accept > that NAMEVAR is only an id for each line. I wouldn't do this. It adds confusion. On a slightly related note, you may want to add a 'comment' field for people to add comments to the sudoers file that would be added before the item that you are referencing. > > Should it fail if a resource Sudo_cmd_alias[$name] does not exist? It depends. If you're being authoritative about the entire file then yes it should. If not, then it should not since you could be referencing something that someone added by hand and that would be completely valid. I would prefer this type to be completely authoritative, but that just my $0.02. > > I also just pushed a new version to master that verifies sudoers lines > and fails before it adds them to the file instead of after :) woo! <snip/> - -- Trevor Vaughan Vice President, Onyx Point, Inc. email: tvaug...@onyxpoint.com phone: 410-541-ONYX (6699) - -- This account not approved for unencrypted sensitive information -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkurN+4ACgkQyWMIJmxwHpSNWACfREyRT6EHf0g7/grY6w4H8qhu tl8AoJ+ITwodRlCN7T7EVOy4mMjZiUPE =0qSN -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to puppet-...@googlegroups.com. To unsubscribe from this group, send email to puppet-dev+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.