vagrant-lxc-ng/lib/vagrant-lxc/command/sudoers.rb

require 'tempfile'

module Vagrant
  module LXC
    module Command
      class Sudoers < Vagrant.plugin("2", :command)

        def execute
          options = { user: ENV['USER'] }

          opts = OptionParser.new do |opts|
            opts.banner = "Usage: vagrant lxc sudoers"
            opts.separator ""
            opts.on('-u', '--user', "The user for which to create the policy") do |u|
              options[:user]=u
            end
          end

          argv = parse_options(opts)
          return unless argv

          filename = "vagrant-lxc-#{options[:user]}"
          to_sudoers!(create_tempfile!(options[:user], filename), filename)
        end

        private
        def create_tempfile!(user, filename)
          sudoers = Tempfile.new(filename).tap do |file|
            file.write "# Automatically created by vagrant-lxc\n"
            commands.each do |command|
              file.write sudoers_policy(user, command[:cmd], command[:args])
            end
          end
          sudoers.close
          File.chmod(0644, sudoers.path)
          sudoers.path
        end

        def to_sudoers!(source, destination)
          destination = "/etc/sudoers.d/#{destination}"
          commands = [
            "rm -f #{destination}",
            "cp #{source} #{destination}",
            "chmod 440 #{destination}"
          ]
          `echo "#{commands.join('; ')}" | sudo sh`
        end

        def sudoers_policy(user, command, args)
          home = `echo ~#{user}`.chomp
          args = args.gsub /%\{BOXES\}/, "#{home}/.vagrant.d/boxes"
          "#{user} ALL=(root) NOPASSWD: #{command} #{args}\n"
        end

        def commands
         [
           { :cmd => '/usr/bin/lxc-ls',        :args => '' },
           { :cmd => '/usr/bin/lxc-info',      :args => '' },
           { :cmd => '/usr/bin/lxc-attach',    :args => '' },
           { :cmd => '/usr/bin/which',         :args => 'lxc-*' },
           { :cmd => '/bin/cat',               :args => '/var/lib/lxc/*' },
           { :cmd => '/bin/mkdir',             :args => '/var/lib/lxc/*' },
           { :cmd => '/bin/su',                :args => "root -c sed -e '*' -ibak /var/lib/lxc/*" },
           { :cmd => '/bin/su',                :args => "root -c echo '*' >> /var/lib/lxc/*" },
           { :cmd => '/usr/bin/lxc-start',     :args => '-d --name *' },
           { :cmd => '/bin/cp',                :args => '%{BOXES}/*/lxc/lxc-template /usr/lib/lxc/templates/*' },
           { :cmd => '/bin/cp',                :args => '%{BOXES}/*/lxc/lxc-template /usr/share/lxc/templates/*' },
           { :cmd => '/bin/rm',                :args => '/usr/lib/lxc/templates/*' },
           { :cmd => '/bin/rm',                :args => '/usr/share/lxc/templates/*' },
           { :cmd => '/bin/chmod',             :args => '+x /usr/lib/lxc/*' },
           { :cmd => '/bin/chmod',             :args => '+x /usr/share/lxc/*' },
           { :cmd => '/usr/bin/lxc-create',    :args => '--template * --name * -- --tarball ${BOXES}/*' },
           { :cmd => '/bin/rm',                :args => '-rf /var/lib/lxc/*/rootfs/tmp/*' },
           { :cmd => '/usr/bin/lxc-shutdown',  :args => '--name *' },
           { :cmd => '/usr/bin/lxc-stop',      :args => '--name *' },
           { :cmd => '/usr/bin/lxc-destroy',   :args => '--name *' }
         ]
        end
      end
    end
  end
end
Created an "lxc sudoers" command to create sudoers file for a given user (defaults to current one). 2014-03-16 17:59:18 +00:00			`require 'tempfile'`

			`module Vagrant`
			`module LXC`
			`module Command`
			`class Sudoers < Vagrant.plugin("2", :command)`

			`def execute`
command/sudoers: Nitpick * Use Ruby 1.9+ hash syntax * Use % as the BOXES placeholder as it is the same symbol used for I18n placeholders as well 2014-03-21 22:48:34 +00:00			`options = { user: ENV['USER'] }`
Created an "lxc sudoers" command to create sudoers file for a given user (defaults to current one). 2014-03-16 17:59:18 +00:00
			`opts = OptionParser.new do \|opts\|`
			`opts.banner = "Usage: vagrant lxc sudoers"`
			`opts.separator ""`
			`opts.on('-u', '--user', "The user for which to create the policy") do \|u\|`
			`options[:user]=u`
			`end`
			`end`

			`argv = parse_options(opts)`
			`return unless argv`

			`filename = "vagrant-lxc-#{options[:user]}"`
			`to_sudoers!(create_tempfile!(options[:user], filename), filename)`
			`end`

			`private`
			`def create_tempfile!(user, filename)`
			`sudoers = Tempfile.new(filename).tap do \|file\|`
			`file.write "# Automatically created by vagrant-lxc\n"`
			`commands.each do \|command\|`
			`file.write sudoers_policy(user, command[:cmd], command[:args])`
			`end`
			`end`
			`sudoers.close`
			`File.chmod(0644, sudoers.path)`
			`sudoers.path`
			`end`

			`def to_sudoers!(source, destination)`
			`destination = "/etc/sudoers.d/#{destination}"`
			`commands = [`
			`"rm -f #{destination}",`
			`"cp #{source} #{destination}",`
			`"chmod 440 #{destination}"`
			`]`
			`echo "#{commands.join('; ')}" \| sudo sh`
			`end`

			`def sudoers_policy(user, command, args)`
			home = `echo ~#{user}`.chomp
command/sudoers: Nitpick * Use Ruby 1.9+ hash syntax * Use % as the BOXES placeholder as it is the same symbol used for I18n placeholders as well 2014-03-21 22:48:34 +00:00			`args = args.gsub /%\{BOXES\}/, "#{home}/.vagrant.d/boxes"`
Created an "lxc sudoers" command to create sudoers file for a given user (defaults to current one). 2014-03-16 17:59:18 +00:00			`"#{user} ALL=(root) NOPASSWD: #{command} #{args}\n"`
			`end`

			`def commands`
:scissors: whitespace 2014-03-21 22:38:56 +00:00			`[`
Created an "lxc sudoers" command to create sudoers file for a given user (defaults to current one). 2014-03-16 17:59:18 +00:00			`{ :cmd => '/usr/bin/lxc-ls', :args => '' },`
			`{ :cmd => '/usr/bin/lxc-info', :args => '' },`
			`{ :cmd => '/usr/bin/lxc-attach', :args => '' },`
			`{ :cmd => '/usr/bin/which', :args => 'lxc-*' },`
			`{ :cmd => '/bin/cat', :args => '/var/lib/lxc/*' },`
			`{ :cmd => '/bin/mkdir', :args => '/var/lib/lxc/*' },`
			`{ :cmd => '/bin/su', :args => "root -c sed -e '' -ibak /var/lib/lxc/" },`
			`{ :cmd => '/bin/su', :args => "root -c echo '' >> /var/lib/lxc/" },`
			`{ :cmd => '/usr/bin/lxc-start', :args => '-d --name *' },`
command/sudoers: Nitpick * Use Ruby 1.9+ hash syntax * Use % as the BOXES placeholder as it is the same symbol used for I18n placeholders as well 2014-03-21 22:48:34 +00:00			`{ :cmd => '/bin/cp', :args => '%{BOXES}//lxc/lxc-template /usr/lib/lxc/templates/' },`
			`{ :cmd => '/bin/cp', :args => '%{BOXES}//lxc/lxc-template /usr/share/lxc/templates/' },`
Created an "lxc sudoers" command to create sudoers file for a given user (defaults to current one). 2014-03-16 17:59:18 +00:00			`{ :cmd => '/bin/rm', :args => '/usr/lib/lxc/templates/*' },`
			`{ :cmd => '/bin/rm', :args => '/usr/share/lxc/templates/*' },`
			`{ :cmd => '/bin/chmod', :args => '+x /usr/lib/lxc/*' },`
			`{ :cmd => '/bin/chmod', :args => '+x /usr/share/lxc/*' },`
			`{ :cmd => '/usr/bin/lxc-create', :args => '--template * --name * -- --tarball ${BOXES}/*' },`
			`{ :cmd => '/bin/rm', :args => '-rf /var/lib/lxc//rootfs/tmp/' },`
			`{ :cmd => '/usr/bin/lxc-shutdown', :args => '--name *' },`
			`{ :cmd => '/usr/bin/lxc-stop', :args => '--name *' },`
			`{ :cmd => '/usr/bin/lxc-destroy', :args => '--name *' }`
			`]`
			`end`
			`end`
			`end`
			`end`
			`end`