> node default {
> class { sudoers: }
> }
>
> node 'sl11lab02' inherits default {
>
> # this runs but does nothing
> Class[sudoers] { additional_rules => [ "$rules_uas" ] }
>
> # this errors with "Cannot assign to variables in other namespaces"
> #$sudoers::additional_rules = [ "$rules_uas" ]
>
> # this errors with "Class[Sudoers] is already defined"
> #class { sudoers: additional_rules => [ "$rules_uas" ] }
> }
>
> class sudoers (
> $default_rules = "$rules_unixgroup",
> $additional_rules = [ "" ]
> ) {
>
> file { "/tmp/sudoers":
> owner => root, group => root, mode => 440,
> content => template("sudoers/sudoers.erb"),
> notify => Exec["check-sudoers"],
> }
>
> exec { "check-sudoers":
> command => "/usr/sbin/visudo -cf /tmp/sudoers && cp /tmp/sudoers
> /etc/sudoers",
> refreshonly => true,
> }
>
> }
Hi,
is it me, or is class sudoers not actually parameterized?
What I'm seeing is a good old class with local variables. The way they
are initialized, they cannot even be overridden by (ab-)using dynamic
scoping, although this would probably work (plusignment):
include sudoers
$sudoers::additional_rules += [ a, b, c ]
To me, this actually does call for a (parameterized?) subclass that will
override the content of your /tmp file:
class sudoers_additional($additional_rules) inherits sudoers {
File["..."] { content => template(...) }
}
This may even use the same template as the baseclass.
Don't just hate subclasses. They're often pretty helpful ;-)
HTH,
Felix
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
