To make validate_single to really only validate
single files the implementation was changed.
If validate_single is true visudo will be
called with -f . In case validate_single
is false all files will be validated. This
makes sense because a single file could break
the whole sudoers config, see issue #125.
Before this commit all files would always be
validated no matter which value validate_single
had. This might be unwanted if an application
installs some file with wrong rights 0440,
see issue #223.
Removed parameter delete_on_error because now
an invalid file is never kept. When param
was false it could also lead to infinite
error messages in the invalid sudoers file.
Removed parameter sudo_syntax_path as it
is unused now. It cannot be used in puppet
file's validate_cmd.
To make validate_single to really only validate single files the implementation was changed. If validate_single is true visudo will be called with -f. In case validate_single
is false all files will be validated. This
makes sense because a single file could break
the whole sudoers config, see issue #125.
Before this commit all files would always be
validated no matter which value validate_single
had. This might be unwanted if an application
installs some file with wrong rights 0440,
see issue #223.
Removed parameter delete_on_error because now
an invalid file is never kept. When param
was false it could also lead to infinite
error messages in the invalid sudoers file.
Removed parameter sudo_syntax_path as it
is unused now. It cannot be used in puppet
file's validate_cmd.