Skip to content

Merging sudoers step #354

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Apr 8, 2020
Merged

Merging sudoers step #354

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b2bffd1
Merging sudoers step
Apr 7, 2020
ef4aaeb
Updating UF
Apr 7, 2020
80ed987
Pinning ubi-minimal version again due to openssl-devel breakage
Apr 8, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion base/redhat-8/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
# the container catalog moved from registry.access.redhat.com to registry.redhat.io
# So at some point before they deprecate the old registry we have to make sure that
# we have access to the new registry and change where we pull the ubi image from.
FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1
FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1-407
LABEL name="splunk" \
maintainer="support@splunk.com" \
vendor="splunk" \
Expand Down
3 changes: 1 addition & 2 deletions splunk/common-files/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,8 +95,7 @@ COPY [ "splunk/common-files/entrypoint.sh", "splunk/common-files/createdefaults.
COPY splunk-ansible ${SPLUNK_ANSIBLE_HOME}

# Set sudo rights
RUN sed -i -e 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' /etc/sudoers \
&& sudo echo -e '\nansible ALL=(splunk)NOPASSWD:ALL' >> /etc/sudoers \
RUN sed -i -e 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL\nansible ALL=(splunk)NOPASSWD:ALL/g' /etc/sudoers \
&& echo 'Create the ansible user/group' \
&& groupadd -r ${ANSIBLE_GROUP} \
&& useradd -r -m -g ${ANSIBLE_GROUP} ${ANSIBLE_USER} \
Expand Down
9 changes: 3 additions & 6 deletions uf/common-files/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -88,16 +88,13 @@ COPY [ "uf/common-files/entrypoint.sh", "uf/common-files/checkstate.sh", "uf/com
USER root

# Setup users and groups
RUN \
# Set sudo rights
sed -i -e 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' /etc/sudoers \
&& sudo echo -e '\nansible ALL=(splunk)NOPASSWD:ALL' >> /etc/sudoers \
# Create the ansible user/group
RUN sed -i -e 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL\nansible ALL=(splunk)NOPASSWD:ALL/g' /etc/sudoers \
&& echo 'Create the ansible user/group' \
&& groupadd -r ${ANSIBLE_GROUP} \
&& useradd -r -m -g ${ANSIBLE_GROUP} ${ANSIBLE_USER} \
&& usermod -aG sudo ${ANSIBLE_USER} \
&& usermod -aG ${ANSIBLE_GROUP} ${SPLUNK_USER} \
# Container Artifact Directory is a place for all artifacts and logs that are generated by the provisioning process. The directory is owned by the user "ansible".
&& echo 'Container Artifact Directory is a place for all artifacts and logs that are generated by the provisioning process. The directory is owned by the user "ansible".' \
&& mkdir ${CONTAINER_ARTIFACT_DIR} \
&& chown -R ${ANSIBLE_USER}:${ANSIBLE_GROUP} ${CONTAINER_ARTIFACT_DIR} \
&& chmod -R 775 ${CONTAINER_ARTIFACT_DIR} \
Expand Down