From: Grant Slater <git@firefishy.com>
Date: Mon, 28 Mar 2016 00:59:23 +0000 (+0100)
Subject: Allow dev users to sudo cat their apache logs
X-Git-Url: https://git.openstreetmap.org/chef.git/commitdiff_plain/295847cabea40add72f44bf44f81adc6a8fb6dfa

Allow dev users to sudo cat their apache logs
---

diff --git a/cookbooks/dev/recipes/default.rb b/cookbooks/dev/recipes/default.rb
index b5b864ffc..849830bc2 100644
--- a/cookbooks/dev/recipes/default.rb
+++ b/cookbooks/dev/recipes/default.rb
@@ -134,6 +134,14 @@ search(:accounts, "*:*").each do |account|
     directory "#{user_home}/public_html"
     variables :user => name, :port => port
   end
+
+  template "/etc/sudoers.d/#{name}" do
+    source "sudoers.user.erb"
+    owner "root"
+    group "root"
+    mode 0440
+    variables :user => name
+  end
 end
 
 if node[:postgresql][:clusters][:"9.3/main"]
diff --git a/cookbooks/dev/templates/default/sudoers.user.erb b/cookbooks/dev/templates/default/sudoers.user.erb
new file mode 100644
index 000000000..bc432eeaf
--- /dev/null
+++ b/cookbooks/dev/templates/default/sudoers.user.erb
@@ -0,0 +1,5 @@
+# DO NOT EDIT - This file is being maintained by Chef
+<%= @user %> ALL=(ALL) NOPASSWD: /bin/cat /var/log/apache2/<%= @user %>.dev.openstreetmap.org-access.log
+<%= @user %> ALL=(ALL) NOPASSWD: /bin/cat /var/log/apache2/<%= @user %>.dev.openstreetmap.org-access.log.1
+<%= @user %> ALL=(ALL) NOPASSWD: /bin/cat /var/log/apache2/<%= @user %>.dev.openstreetmap.org-error.log
+<%= @user %> ALL=(ALL) NOPASSWD: /bin/cat /var/log/apache2/<%= @user %>.dev.openstreetmap.org-error.log.1