Correct revoke-sudo to actually work

* jenkins/jobs/macros.yaml(revoke-sudo): Simplify the sudoers
include file deletion to not rely on a conditional check, and then
test that it actually worked. Previously, systems where
/etc/sudoers.d was non-world-readable caused it to be a silent
no-op.

Change-Id: Ie713482acbd454eeb58c3481e8b8820049daaab8
This commit is contained in:
Jeremy Stanley 2015-01-07 21:45:44 +00:00
parent 397cbe5373
commit 64f23c918b

View File

@ -15,10 +15,10 @@
name: revoke-sudo
builders:
- shell: |
#!/bin/bash
if [ -f /etc/sudoers.d/jenkins-sudo ] ; then
sudo rm /etc/sudoers.d/jenkins-sudo
fi
#!/bin/bash -x
sudo rm -f /etc/sudoers.d/jenkins-sudo
# Prove that general sudo access is actually revoked
! sudo -n true
- builder:
name: coverage