arnoudj / puppet-sudo

Puppet module to manage sudoers.

Fix sudoers.erb to stop writing an invalid "Defaults:" line if no defaults given #12

Closed MasonM closed 10 years ago

MasonM commented 10 years ago

Commit b17f148def17b6f12a74bb59d0b6b6fa0e721142 introduced a bug where leaving defaults as the default (an empty array) causes an invalid line to be written to the sudoers file. This happens because an empty array is considered to be true in Ruby, so the if check in the template will always be satisfied unless you explicitly pass defaults => undef. At least, that's how it works for me in Puppet v3.3.1.

Sudo really doesn't like syntax errors, and once it hits the invalid line it will stop working with an error like the following:

sudo: >>> /etc/sudoers.d/admins: syntax error near line 7 <<< 
sudo: parse error in /etc/sudoers.d/admins near line 7
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

If you don't have root access to the server, you'll be locked out of administering it at this point.
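The truthiness problem described in the comment above, reproduced as an added example that is not part of the original post or the module's code. The template text, user names and command are constructed stand-ins (the real sudoers.erb is not shown on this page), and the `empty?` guard is one possible fix, not necessarily the one merged.

```ruby
require 'erb'

# Constructed stand-in for a sudoers template; NOT the module's real sudoers.erb.
BUGGY = <<~'TPL'
  <% if @defaults -%>
  Defaults:<%= @users.join(',') %> <%= @defaults.join(', ') %>
  <% end -%>
  <%= @users.join(',') %> ALL=(ALL) <%= @cmnds.join(', ') %>
TPL

# Same template, but the guard also rejects an empty array (one possible fix).
FIXED = BUGGY.sub('if @defaults', 'if @defaults && !@defaults.empty?')

# Minimal scope exposing @users, @cmnds and @defaults to ERB, the way
# Puppet templates reference class parameters.
class SudoersScope
  def initialize(users:, cmnds:, defaults:)
    @users, @cmnds, @defaults = users, cmnds, defaults
  end

  def render(template)
    ERB.new(template, trim_mode: '-').result(binding)
  end
end

# Renders a template with constructed sample users and commands.
def render(template, defaults)
  SudoersScope.new(users: %w[alice bob], cmnds: ['/usr/bin/apt-get'],
                   defaults: defaults).render(template)
end

# Returns Defaults lines that carry no parameter, which sudo rejects
# as a syntax error. Usable as a regression check on rendered output.
def bare_defaults_lines(sudoers_text)
  sudoers_text.lines.map(&:chomp).grep(/\ADefaults\S*\s*\z/)
end

if __FILE__ == $PROGRAM_NAME
  { 'buggy, defaults => []'    => render(BUGGY, []),
    'buggy, defaults => undef' => render(BUGGY, nil),
    'fixed, defaults => []'    => render(FIXED, []) }.each do |label, text|
    puts "#{label}: invalid lines = #{bare_defaults_lines(text).inspect}"
  end
end
```

On a real host, `visudo -cf <file>` is the authoritative syntax check for a rendered sudoers fragment before it is put in place.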

arnoudj commented 10 years ago

Thanks for catching that one.

MasonM commented 10 years ago

Was there something else I needed to do before this gets merged? I can write tests, if you'd like.

Seems to me like this is pretty urgent, since a lot of people disable remote root access to their servers.

arnoudj commented 10 years ago

Will push a new release to the forge. Have to think about adding better tests to catch this in the future.