saz / puppet-sudo

Manage sudo with Puppet on Debian-, RedHat- and SUSE-based linux distributions and some BSDs

Add prefix parameter to prefix all sudoers.d entries #261

Closed traylenator closed 1 year ago

traylenator commented 3 years ago

A previous attempt in https://github.com/saz/puppet-sudo/pull/248 to allow only files created with the suffix `_puppet` to be purged is faulty. In particular with

```puppet
class { 'sudo':
  suffix       => '_puppet',
  purge_ignore => '*[!_puppet]',
}
```

Does not work as file names shorter than the length of the string `_puppet` are not ignored and so are deleted.

Switching to prefix

```puppet
class { 'sudo':
  prefix       => 'puppet_',
  purge_ignore => '[!puppet_]*',
}
```

Gives the desired result.


```
irb(main):001:0> Dir.glob('[!puppet_]*')
=> ["short", "longfilename"]
```

So the files `short` and `longfilename` will be ignored correctly.
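
An added example, not part of the original comment or of the puppet-sudo module: it evaluates both `purge_ignore` patterns quoted above with Ruby's `File.fnmatch`, where `[!...]` negates a set of single characters. The file names are constructed, and matching the pattern against each bare file name in sudoers.d is an assumption about how the pattern is applied.

```ruby
# Added illustration, not code from puppet-sudo. It models purge_ignore as a
# shell-style glob tested against each file name in sudoers.d (an assumption
# about how the pattern is applied), using Ruby's File.fnmatch.

# Constructed sample directory listing for /etc/sudoers.d.
SAMPLE_FILES = %w[
  short longfilename admins_puppet puppet_admins
  people tmp_rule 90-cloud-init wheel
].freeze

# Split file names into those the pattern protects from purging (:ignored)
# and those left as purge candidates when Puppet does not manage them.
def classify(pattern, names = SAMPLE_FILES)
  ignored, candidates = names.partition { |n| File.fnmatch(pattern, n) }
  { ignored: ignored, purge_candidates: candidates }
end

# Return the characters excluded by a [!set] bracket expression. The bracket
# excludes single characters; it does not exclude the string they spell.
def bracket_set(pattern)
  m = pattern.match(/\[!([^\]]+)\]/)
  m ? m[1].chars.uniq.sort : []
end

if __FILE__ == $PROGRAM_NAME
  ['*[!_puppet]', '[!puppet_]*'].each do |pat|
    result = classify(pat)
    puts "pattern #{pat.inspect} excludes the characters: #{bracket_set(pat).join(' ')}"
    puts "  ignored (kept):   #{result[:ignored].join(', ')}"
    puts "  purge candidates: #{result[:purge_candidates].join(', ')}"
  end
end
```

With the prefix pattern, unmanaged files whose names begin with `p`, `u`, `e`, `t` or `_` are not matched by the ignore pattern, so they stay purge candidates in this model.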

zilchms commented 3 years ago

Looks good! Should it be added in a new major release in your opinion? Since these changes break functionality as it is now for some cases?

traylenator commented 3 years ago

Thanks for the reply.

What's the change in behaviour?

zilchms commented 3 years ago

Maybe I am wrong, but by changing from suffix to prefix, I think we break working configurations. Or am I misreading this? Do we still retain the suffix parameter? If so, the previous behaviour is still retained and there should be no issue. Edit: Had another look at it, should be completely fine.

traylenator commented 3 years ago

Yeah, just the documentation advice changes and, as you say, it's a new parameter; the old, useless-for-my-use-case suffix is still there, which is fine.

saz commented 3 years ago

@traylenator Please rebase and squash commits. Thanks!

saz commented 2 years ago

@traylenator Any news on this?

traylenator commented 2 years ago

Will sort out in a couple of weeks' time.

traylenator commented 2 years ago

Now to understand what I was trying to do with these tests .....

traylenator commented 2 years ago

@saz there I hope. Rebased; the acceptance tests were essentially rewritten, as that turned out to be easier.

Also it seems that visudo is now slightly stricter so needed some chmod 0400 for the non-puppet created sudo entries.

traylenator commented 2 years ago

@saz ?