Added full sudo support for admin user

install/debian/sudoers.admin.conf

@@ -0,0 +1,3 @@
+# Created by vesta installer
+admin   ALL=(ALL)       ALL
+admin   ALL=NOPASSWD:/usr/local/vesta/bin/*

install/debian/sudoers.conf

@@ -30,4 +30,3 @@ root	ALL=(ALL:ALL) ALL
 # See sudoers(5) for more information on "#include" directives:
 
 #includedir /etc/sudoers.d
-admin   ALL=NOPASSWD:/usr/local/vesta/bin/*

install/rhel/sudoers.admin.conf

@@ -0,0 +1,3 @@
+# Created by vesta installer
+admin   ALL=(ALL)       ALL
+admin   ALL=NOPASSWD:/usr/local/vesta/bin/*

install/rhel/sudoers.conf

@@ -95,4 +95,5 @@ root    ALL=(ALL)       ALL
 
 ## Allows members of the users group to shutdown this system
 # %users  localhost=/sbin/shutdown -h now
-admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
+
+#includedir /etc/sudoers.d

install/ubuntu/sudoers.admin.conf

@@ -0,0 +1,3 @@
+# Created by vesta installer
+admin   ALL=(ALL)       ALL
+admin   ALL=NOPASSWD:/usr/local/vesta/bin/*

install/ubuntu/sudoers.conf

@@ -29,4 +29,3 @@ root	ALL=(ALL:ALL) ALL
 # See sudoers(5) for more information on "#include" directives:
 
 #includedir /etc/sudoers.d
-admin   ALL=NOPASSWD:/usr/local/vesta/bin/*

install/vst-install-debian.sh

@@ -518,7 +518,9 @@ echo "/sbin/nologin" >> /etc/shells
 
 # Sudo configuration
 wget $CHOST/$VERSION/sudoers.conf -O /etc/sudoers
-chmod 0440 /etc/sudoers
+wget $CHOST/$VERSION/sudoers.admin.conf -O /etc/sudoers.d/admin
+chmod 440 /etc/sudoers
+chmod 440 /etc/sudoers.d/admin
 
 # NTP Synchronization
 echo '#!/bin/sh' > /etc/cron.daily/ntpdate

install/vst-install-rhel.sh

@@ -571,7 +571,9 @@ echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile
 
 # Sudo configuration
 wget $CHOST/$VERSION/sudoers.conf -O /etc/sudoers
-chmod 0440 /etc/sudoers
+wget $CHOST/$VERSION/sudoers.admin.conf -O /etc/sudoers.d/admin
+chmod 440 /etc/sudoers
+chmod 440 /etc/sudoers.d/admin
 
 # NTP Synchronization
 echo '#!/bin/sh' > /etc/cron.daily/ntpdate

install/vst-install-ubuntu.sh

@@ -524,7 +524,9 @@ echo "/sbin/nologin" >> /etc/shells
 
 # Sudo configuration
 wget $CHOST/$VERSION/sudoers.conf -O /etc/sudoers
-chmod 0440 /etc/sudoers
+wget $CHOST/$VERSION/sudoers.admin.conf -O /etc/sudoers.d/admin
+chmod 440 /etc/sudoers
+chmod 440 /etc/sudoers.d/admin
 
 # NTP Synchronization
 echo '#!/bin/sh' > /etc/cron.daily/ntpdate

src/deb/vesta/postinst

@@ -20,4 +20,10 @@ if [ -x "/usr/local/vesta/upd/fix_mysql_startup.sh" ]; then
     /usr/local/vesta/upd/fix_mysql_startup.sh
 fi
 
+# Run SUDO trigger
+if [ -x "/usr/local/vesta/upd/add_sudo.sh" ]; then
+    /usr/local/vesta/upd/add_sudo.sh
+fi
+
+
 exit 0

src/rpm/specs/vesta.spec

@@ -43,7 +43,9 @@ if [ $1 -ge 2 ]; then
     if [ -e /usr/local/vesta/upd/fix_vesta_ssl_permissions.sh ]; then
         /usr/local/vesta/upd/fix_vesta_ssl_permissions.sh
     fi
-fi
+    if [ -e /usr/local/vesta/upd/add_sudo.sh ]; then
+        /usr/local/vesta/upd/add_sudo.sh
+    fi
 
 %files
 %{_vestadir}

upd/add_sudo.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+if [ ! -e /etc/sudoers.d/admin ]; then
+    echo "# Created by vesta update-trigger" > /etc/sudoers.d/admin
+    echo "# $(date)" >> /etc/sudoers.d/admin
+    echo "admin   ALL=(ALL)       ALL" >> /etc/sudoers.d/admin
+    echo "admin   ALL=NOPASSWD:/usr/local/vesta/bin/*" >> /etc/sudoers.d/admin
+    chmod 440 /etc/sudoers.d/admin
+
+    if [ -z "$(grep /etc/sudoers.d /etc/sudoers)" ]; then
+        echo -e "\n#includedir /etc/sudoers.d" >> /etc/sudoers
+    fi
+fi