From 57a3398e8c860f11b40fedc9d066db71291ded44 Mon Sep 17 00:00:00 2001
From: Christian Boltz <opensuse@cboltz.de>
Date: Mar 13 2019 22:54:00 +0000
Subject: fix osem sudo config and allow osem-admins group


The sudo rules for the osem user need to be quoted in salt to avoid the
"... PASSWD:" part is interpreted as key, and everything after it as
value (which will result in an invalid sudo rule).

Also add group permissions for the osem-admins group so that they can
use sudo.

---

diff --git a/pillar/role/web_osem.sls b/pillar/role/web_osem.sls
index 343dd9f..6c31891 100644
--- a/pillar/role/web_osem.sls
+++ b/pillar/role/web_osem.sls
@@ -1,8 +1,10 @@
 sudoers:
   included_files:
-    /etc/sudoers.d/group_osem:
+    /etc/sudoers.d/osem:
+      groups:
+        osem-admins:
+          - 'ALL=(ALL) ALL'
       users:
         osem:
-          - ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart osem-dj
-          - ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart osem
-
+          - 'ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart osem-dj'
+          - 'ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart osem'