summaryrefslogtreecommitdiff
path: root/Propellor/Property/Sudo.hs
diff options
context:
space:
mode:
Diffstat (limited to 'Propellor/Property/Sudo.hs')
-rw-r--r--Propellor/Property/Sudo.hs32
1 files changed, 0 insertions, 32 deletions
diff --git a/Propellor/Property/Sudo.hs b/Propellor/Property/Sudo.hs
deleted file mode 100644
index 68b56608..00000000
--- a/Propellor/Property/Sudo.hs
+++ /dev/null
@@ -1,32 +0,0 @@
-module Propellor.Property.Sudo where
-
-import Data.List
-
-import Propellor
-import Propellor.Property.File
-import qualified Propellor.Property.Apt as Apt
-import Propellor.Property.User
-
--- | Allows a user to sudo. If the user has a password, sudo is configured
--- to require it. If not, NOPASSWORD is enabled for the user.
-enabledFor :: UserName -> Property
-enabledFor user = property desc go `requires` Apt.installed ["sudo"]
- where
- go = do
- locked <- liftIO $ isLockedPassword user
- ensureProperty $
- fileProperty desc
- (modify locked . filter (wanted locked))
- "/etc/sudoers"
- desc = user ++ " is sudoer"
- sudobaseline = user ++ " ALL=(ALL:ALL)"
- sudoline True = sudobaseline ++ " NOPASSWD:ALL"
- sudoline False = sudobaseline ++ " ALL"
- wanted locked l
- -- TOOD: Full sudoers file format parse..
- | not (sudobaseline `isPrefixOf` l) = True
- | "NOPASSWD" `isInfixOf` l = locked
- | otherwise = True
- modify locked ls
- | sudoline locked `elem` ls = ls
- | otherwise = ls ++ [sudoline locked]
generated by cgit v1.3-2-g0d8e (git 2.53.0) at 2026-06-26 18:53:49 +0000