diff options
| author | Nicolas Vigier <boklm@mageia.org> | 2011-08-16 23:08:44 +0000 |
|---|---|---|
| committer | Nicolas Vigier <boklm@mageia.org> | 2011-08-16 23:08:44 +0000 |
| commit | dd69ebad205b4401341eed46c1813845b09b4b4e (patch) | |
| tree | 3902fe0bed820b256b8a0844b37704cae833203a /modules | |
| parent | 3e990eef5f02ba0c47226908bf33be3649f3eafe (diff) | |
| download | puppet-dd69ebad205b4401341eed46c1813845b09b4b4e.tar puppet-dd69ebad205b4401341eed46c1813845b09b4b4e.tar.gz puppet-dd69ebad205b4401341eed46c1813845b09b4b4e.tar.bz2 puppet-dd69ebad205b4401341eed46c1813845b09b4b4e.tar.xz puppet-dd69ebad205b4401341eed46c1813845b09b4b4e.zip | |
add wrapper script to binrepo upload script
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/buildsystem/manifests/init.pp | 18 | ||||
| -rw-r--r-- | modules/buildsystem/templates/sudoers.binrepo | 1 | ||||
| -rw-r--r-- | modules/buildsystem/templates/wrapper.upload-bin | 26 |
3 files changed, 44 insertions, 1 deletions
diff --git a/modules/buildsystem/manifests/init.pp b/modules/buildsystem/manifests/init.pp index d517a664..956ede34 100644 --- a/modules/buildsystem/manifests/init.pp +++ b/modules/buildsystem/manifests/init.pp @@ -17,6 +17,7 @@ class buildsystem { # FIXME: Test password. Real password should be in extdata. $maintdb_key = 'm1g234' $packagers_group = 'mga-packagers' + $packagers_committers_group = 'mga-packagers-committers' $createsrpm_path = '/usr/share/repsys/create-srpm' include ssh::auth @@ -211,10 +212,13 @@ class buildsystem { } class binrepo { + include sudo $binrepo_login = "binrepo" $binrepo_homedir = "/var/lib/$binrepo_login" $binrepodir = "$binrepo_homedir/data" $uploadinfosdir = "$binrepo_homedir/infos" + $uploadbinpath = '/usr/local/bin/upload-bin' + $uploadbinpathwrapper = '/usr/local/bin/wrapper.upload-bin' user {"$binrepo_login": ensure => present, @@ -238,13 +242,25 @@ class buildsystem { mode => 755, } - file { '/usr/local/bin/upload-bin': + file { $uploadbinpath: ensure => present, owner => root, group => root, mode => 755, content => template('buildsystem/upload-bin'), } + + file { $uploadbinpathwrapper: + ensure => present, + owner => root, + group => root, + mode => 755, + content => template('buildsystem/wrapper.upload-bin'), + } + + sudo::sudoers_config { "binrepo": + content => template("buildsystem/sudoers.binrepo") + } } class mgarepo { diff --git a/modules/buildsystem/templates/sudoers.binrepo b/modules/buildsystem/templates/sudoers.binrepo new file mode 100644 index 00000000..7a9efef4 --- /dev/null +++ b/modules/buildsystem/templates/sudoers.binrepo @@ -0,0 +1 @@ +%<%= packagers_committers_group %> ALL =(<%= binrepo_login %>) NOPASSWD: <%= uploadbinpath %> diff --git a/modules/buildsystem/templates/wrapper.upload-bin b/modules/buildsystem/templates/wrapper.upload-bin new file mode 100644 index 00000000..728eedc9 --- /dev/null +++ b/modules/buildsystem/templates/wrapper.upload-bin @@ -0,0 +1,26 @@ +#!/bin/sh + +binrepouser="<%= binrepo_login %>" +uploadbinpath="<%= uploadbinpath %>" +packagerscommittersgroup="<%= packagers_committers_group %>" + +function isingroup() +{ + grp="$1" + for group in `groups` + do if [ "$grp" = "$group" ] + then + return 0 + fi + done + return 1 +} + +if ! isingroup "$packagerscommittersgroup" +then + echo "You are not in $packagerscommitersgroup group." + exit 1 +fi + +sudo -u "$binrepouser" "$uploadbinpath" $(whoami) $@ + |