From 32807af28e2d59cb4664f60eab1ab5111513cb77 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Thu, 9 Apr 2015 18:52:37 +0100 Subject: [PATCH] Use sudo to run passenger-config when restarting taginfo --- cookbooks/taginfo/recipes/default.rb | 7 +++++++ cookbooks/taginfo/templates/default/sudoers.erb | 4 ++++ cookbooks/taginfo/templates/default/update-taginfo.erb | 2 +- 3 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 cookbooks/taginfo/templates/default/sudoers.erb diff --git a/cookbooks/taginfo/recipes/default.rb b/cookbooks/taginfo/recipes/default.rb index c384c6682..db09f48f1 100644 --- a/cookbooks/taginfo/recipes/default.rb +++ b/cookbooks/taginfo/recipes/default.rb @@ -69,6 +69,13 @@ file "/etc/logrotate.d/taginfo" do action :delete end +template "/etc/sudoers.d/taginfo" do + source "sudoers.erb" + owner "root" + group "root" + mode 0440 +end + node[:taginfo][:sites].each do |site| name = site[:name] directory = site[:directory] || "/srv/#{name}" diff --git a/cookbooks/taginfo/templates/default/sudoers.erb b/cookbooks/taginfo/templates/default/sudoers.erb new file mode 100644 index 000000000..907d23453 --- /dev/null +++ b/cookbooks/taginfo/templates/default/sudoers.erb @@ -0,0 +1,4 @@ +# DO NOT EDIT - This file is being maintained by Chef + +# Allow taginfo to restart the web app +taginfo ALL=(root) NOPASSWD: /usr/bin/passenger-config restart-app * diff --git a/cookbooks/taginfo/templates/default/update-taginfo.erb b/cookbooks/taginfo/templates/default/update-taginfo.erb index 4d09a6580..652a53a67 100644 --- a/cookbooks/taginfo/templates/default/update-taginfo.erb +++ b/cookbooks/taginfo/templates/default/update-taginfo.erb @@ -19,6 +19,6 @@ mv $ROOT/data/taginfo-* $ROOT/data/old mv $ROOT/sources/taginfo-*.db $ROOT/sources/*/taginfo-*.db $ROOT/data mv $ROOT/sources/download/* $ROOT/download -passenger-config restart-app $ROOT/taginfo/web > /dev/null +sudo /usr/bin/passenger-config restart-app $ROOT/taginfo/web > /dev/null find $ROOT/sources/log -mtime +28 -delete -- 2.43.2