| | 1 | == Templating Access Data == |
| | 2 | |
| | 3 | These examples depend on the BB plugin in 1.0/trunk. The BB plugin provides additional data about users that have been allocated nodes. It maps in a dictionary of user priviledges to client metadata instances. Each of these plugins use this data. On this system, node allocations map to sudo and root access. |
| | 4 | |
| | 5 | /var/lib/bcfg2/TGenshi/etc/sudoers/template.newtxt |
| | 6 | {{{ |
| | 7 | # /etc/sudoers |
| | 8 | # |
| | 9 | # This file MUST be edited with the 'visudo' command as root. |
| | 10 | # |
| | 11 | # See the man page for details on how to write a sudoers file. |
| | 12 | # Host alias specification |
| | 13 | |
| | 14 | # User alias specification |
| | 15 | User_Alias ADMIN = ${','.join(metadata.BB['users'].keys())},admin1,admin2 |
| | 16 | User_Alias IMAGERS = user1,user2,user3 |
| | 17 | |
| | 18 | # Cmnd alias specification |
| | 19 | Cmnd_Alias SYSTEMIMAGER = /usr/sbin/getimage [A-z]* [A-z]* |
| | 20 | |
| | 21 | # Defaults |
| | 22 | |
| | 23 | Defaults !lecture,tty_tickets,!fqdn |
| | 24 | |
| | 25 | # User privilege specification |
| | 26 | root ALL=(ALL) ALL |
| | 27 | IMAGERS login=SYSTEMIMAGER |
| | 28 | |
| | 29 | # Members of the admin group may gain root privileges |
| | 30 | ADMIN ALL=(ALL) ALL |
| | 31 | }}} |
| | 32 | |
| | 33 | /var/lib/bcfg2/TGenshi/root/.ssh/authorized_keys/template.newtxt |
| | 34 | {{{ |
| | 35 | {% for user in metadata.BB['users'] %} |
| | 36 | ${"\n".join(metadata.BB['users'][user])} |
| | 37 | {% end %} |
| | 38 | }}} |
