writing of sudoers is not idempotent
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cloud-init |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
after several (full) re-runs of cloud-init, my /usr/local/
# Created by cloud-init v. 22.3 on Wed, 05 Oct 2022 21:34:14 +0000
# User rules for freebsd
freebsd ALL=(ALL) NOPASSWD:ALL
# User rules for freebsd
freebsd ALL=(ALL) NOPASSWD:ALL
# User rules for freebsd
freebsd ALL=(ALL) NOPASSWD:ALL
# User rules for freebsd
freebsd ALL=(ALL) NOPASSWD:ALL
# User rules for freebsd
freebsd ALL=(ALL) NOPASSWD:ALL
# User rules for freebsd
freebsd ALL=(ALL) NOPASSWD:ALL
# User rules for freebsd
freebsd ALL=(ALL) NOPASSWD:ALL
# User rules for freebsd
freebsd ALL=(ALL) NOPASSWD:ALL
# User rules for freebsd
freebsd ALL=(ALL) NOPASSWD:ALL
# User rules for freebsd
freebsd ALL=(ALL) NOPASSWD:ALL
while this has no affect on sudo's functionality, it's also not deduplicated:
freebsd@
User freebsd may run the following commands on fbsd14-amd64:
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
given what we're trying to accomplish with writing sudoers rules, I think it would make sense to *always* rewrite the file, regardless of whether it exists or not.
Changed in cloud-init: | |
status: | New → Incomplete |
status: | Incomplete → Triaged |
tags: | added: bitesize |
Tracked in Github Issues as https:/ /github. com/canonical/ cloud-init/ issues/ 4048