--- /dev/null
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+{%- set curr_tpldir = tpldir %}
+{%- set tpldir = 'arvados' %}
+{%- from "arvados/map.jinja" import arvados with context %}
+{%- set tpldir = curr_tpldir %}
+
+extra_shell_sudo_passwordless_sudo_pkg_installed:
+ pkg.installed:
+ - name: sudo
+
+extra_shell_sudo_passwordless_config_file_managed:
+ file.managed:
+ - name: /etc/sudoers.d/arvados_passwordless
+ - makedirs: true
+ - user: root
+ - group: root
+ - mode: '0440'
+ - replace: false
+ - contents: |
+ # This file managed by Salt, do not edit by hand!!
+ # Allow members of group sudo to execute any command without password
+ %sudo ALL=(ALL:ALL) NOPASSWD:ALL
+ - require:
+ - pkg: extra_shell_sudo_passwordless_sudo_pkg_installed
--- /dev/null
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+{%- set curr_tpldir = tpldir %}
+{%- set tpldir = 'arvados' %}
+{%- from "arvados/map.jinja" import arvados with context %}
+{%- set tpldir = curr_tpldir %}
+
+extra_shell_sudo_passwordless_sudo_pkg_installed:
+ pkg.installed:
+ - name: sudo
+
+extra_shell_sudo_passwordless_config_file_managed:
+ file.managed:
+ - name: /etc/sudoers.d/arvados_passwordless
+ - makedirs: true
+ - user: root
+ - group: root
+ - mode: '0440'
+ - replace: false
+ - contents: |
+ # This file managed by Salt, do not edit by hand!!
+ # Allow members of group sudo to execute any command without password
+ %sudo ALL=(ALL:ALL) NOPASSWD:ALL
+ - require:
+ - pkg: extra_shell_sudo_passwordless_sudo_pkg_installed
# Same when using self-signed certificates.
SKIP_SNAKE_OIL="dont_add_snakeoil_certs"
fi
- for f in $(ls "${F_DIR}"/extra/extra/*.sls | grep -v ${SKIP_SNAKE_OIL}); do
+ for f in $(ls "${F_DIR}"/extra/extra/*.sls | egrep -v "${SKIP_SNAKE_OIL}|shell_sudo_passwordless"); do
echo " - extra.$(basename ${f} | sed 's/.sls$//g')" >> ${S_DIR}/top.sls
done
# Use byo or self-signed certificates
grep -q "custom_certs" ${S_DIR}/top.sls || echo " - extra.custom_certs" >> ${S_DIR}/top.sls
fi
+ echo " - extra.shell_sudo_passwordless" >> ${S_DIR}/top.sls
echo " - postgres" >> ${S_DIR}/top.sls
echo " - docker.software" >> ${S_DIR}/top.sls
echo " - arvados" >> ${S_DIR}/top.sls
;;
"shell")
# States
+ echo " - extra.shell_sudo_passwordless" >> ${S_DIR}/top.sls
grep -q "docker" ${S_DIR}/top.sls || echo " - docker.software" >> ${S_DIR}/top.sls
grep -q "arvados.${R}" ${S_DIR}/top.sls || echo " - arvados.${R}" >> ${S_DIR}/top.sls
# Pillars