sudo-1.7.0
2 minute read
KOSI Plugin sudo Version 1.7.0
Summary
The sudo plugin allows executing commands with elevated (sudo) rights within a KOSI package. This is necessary for operations that require administrative privileges, such as modifying system files or managing users.
The sudo plugin wraps other plugin calls that need elevated permissions. When using sudo, commands inside its block are executed with superuser privileges.
The sudo plugin requires a sudo password unless NOPASSWD is configured for the executing user. The NOPASSWD option can be set in the /etc/sudoers file to allow password-less sudo execution for specific users or commands.
Keys
| Key | Description | |
|---|---|---|
| password | Mandatory if NOPASSWD is not set |
Set sudo password. |
Examples
Example 1
The following example demonstrates how to use the sudo plugin to create a new user with administrative privileges:
languageversion = "1.0.0";
apiversion = "kubernative/kubeops/sina/user/v4";
name = "kosi-example-package";
description = "kosi-example-package";
version = "0.1.0";
docs = "docs.tgz";
logo = "logo.png";
files =
{
input = "template.yaml";
}
containers =
{
example = ["docker.io", "nginx", "latest"];
}
install
{
cmd(command = "echo --- Using the sudo plugin. ---");
sudo(password = "myPassword")
{
bash(command = "echo The password is correct, the new user is now created!");
cmd(command = "useradd newuser");
}
cmd(command = "echo --- End. ---");
}
Where to Set NOPASSWD
The NOPASSWD option can be set in the /etc/sudoers file or in a separate file under /etc/sudoers.d/. To allow a user to run sudo commands without entering a password, add the following line:
username ALL=(ALL) NOPASSWD: ALL
Replace username with the actual user’s name.
Supported Plugins
The sudo plugin can be used with the following plugins that often require elevated privileges: