projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Limit nfs firewall ports to certain ranges
[mirror/dsa-puppet.git]
/
modules
/
sudo
/
files
/
sudoers
diff --git
a/modules/sudo/files/sudoers
b/modules/sudo/files/sudoers
index
e99dc6c
..
18d092c
100644
(file)
--- a/
modules/sudo/files/sudoers
+++ b/
modules/sudo/files/sudoers
@@
-29,13
+29,14
@@
Host_Alias FTPHOSTS = franck
Host_Alias ZIVITHOSTS = zelenka, zandonai
Host_Alias AACRAIDHOSTS = respighi, beethoven, pettersson
Host_Alias MEGARAIDHOSTS = rautavaara, sibelius
Host_Alias ZIVITHOSTS = zelenka, zandonai
Host_Alias AACRAIDHOSTS = respighi, beethoven, pettersson
Host_Alias MEGARAIDHOSTS = rautavaara, sibelius
-Host_Alias MPTRAIDHOSTS = barber, biber,
cilea, vitry, orff
+Host_Alias MPTRAIDHOSTS = barber, biber,
vitry
Host_Alias MEGACTLHOSTS = nielsen
Host_Alias LISTHOSTS = bendel
Host_Alias BUILDD_MASTER = wuiet
Host_Alias MEGACTLHOSTS = nielsen
Host_Alias LISTHOSTS = bendel
Host_Alias BUILDD_MASTER = wuiet
-Host_Alias PORTERBOXES = abel,
agricola,
barriere, eder, falla, fischer, gabrielli, harris, merulo, partch, smetana, zelenka
+Host_Alias PORTERBOXES = abel, barriere, eder, falla, fischer, gabrielli, harris, merulo, partch, smetana, zelenka
Host_Alias PIUPARTS_SLAVE_HOSTS = piu-slave-bm-a
Host_Alias MQ_HOSTS = rainier, rapoport
Host_Alias PIUPARTS_SLAVE_HOSTS = piu-slave-bm-a
Host_Alias MQ_HOSTS = rainier, rapoport
+Host_Alias NOVAHOSTS = oyens, bm-bl9, bm-bl10, bm-bl11, bm-bl12
# Cmnd alias specification
# Cmnd alias specification
@@
-60,6
+61,8
@@
nagios ALL=(ALL) NOPASSWD: /sbin/hpasmcli ""
nagios ALL=(ALL) NOPASSWD: /usr/bin/arrayprobe ""
nagios franck=(ALL) NOPASSWD: /usr/bin/arrayprobe -f /dev/cciss/c1d0
nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller all show
nagios ALL=(ALL) NOPASSWD: /usr/bin/arrayprobe ""
nagios franck=(ALL) NOPASSWD: /usr/bin/arrayprobe -f /dev/cciss/c1d0
nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller all show
+nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=[0129] ld all show
+nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=[0129] ld [0-9] show
nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=[0129] pd all show
nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=[0129] pd [0-9]\:[0-9] show
nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=[0129] pd [0-9][EIC]\:[0-9]\:[0-9] show
nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=[0129] pd all show
nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=[0129] pd [0-9]\:[0-9] show
nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=[0129] pd [0-9][EIC]\:[0-9]\:[0-9] show
@@
-93,7
+96,6
@@
nagios beethoven,backuphost=(debbackup) NOPASSWD: /usr/lib/nagios/plugins/dsa-c
%debian-i18n ALL=(debian-i18n) ALL
%debian-release ALL=(release) ALL
%debtags ALL=(debtags) ALL
%debian-i18n ALL=(debian-i18n) ALL
%debian-release ALL=(release) ALL
%debtags ALL=(debtags) ALL
-%debvoip cilea=(freeswitch) ALL
%debwww ALL=(debwww) ALL
%dedup ALL=(dedup) ALL
%btslink ALL=(btslink) ALL
%debwww ALL=(debwww) ALL
%dedup ALL=(dedup) ALL
%btslink ALL=(btslink) ALL
@@
-165,8
+167,6
@@
piupartss PIUPARTS_SLAVE_HOSTS=(ALL) NOPASSWD: ALL
# trigger of mirror run for packages
#pkg_user powell=(archvsync) NOPASSWD: /home/archvsync/bin/pushpdo
dnsadm denis=(root) NOPASSWD: /usr/sbin/service bind9 reload
# trigger of mirror run for packages
#pkg_user powell=(archvsync) NOPASSWD: /home/archvsync/bin/pushpdo
dnsadm denis=(root) NOPASSWD: /usr/sbin/service bind9 reload
-%dnsadm orff=(root) NOPASSWD: /etc/init.d/bind9 reload
-%dnsadm orff=(geodnssync) NOPASSWD: /usr/bin/make -C /srv/dns.debian.org/geo
%adm draghi=(puppet) NOPASSWD: /usr/bin/make -s -C /srv/db.debian.org/var/gitnagios/dsa-nagios/config install
# wbadm can update all buildd* users' keys on buildd.d.o
%wbadm BUILDD_MASTER=(wb-buildd) ALL
%adm draghi=(puppet) NOPASSWD: /usr/bin/make -s -C /srv/db.debian.org/var/gitnagios/dsa-nagios/config install
# wbadm can update all buildd* users' keys on buildd.d.o
%wbadm BUILDD_MASTER=(wb-buildd) ALL
@@
-208,3
+208,8
@@
nagiosadm tchaikovsky=(root) NOPASSWD: /usr/sbin/service icinga reload
# voip stuff
%debvoip VOIPHOSTS=(root) /usr/sbin/service resiprocate-turn-server restart, /usr/sbin/service repro restart
# voip stuff
%debvoip VOIPHOSTS=(root) /usr/sbin/service resiprocate-turn-server restart, /usr/sbin/service repro restart
+# Openstack stuff
+Defaults:neutron !requiretty
+nova NOVAHOSTS=(root) NOPASSWD: /usr/bin/nova-rootwrap *
+neutron NOVAHOSTS=(root) NOPASSWD: /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf *
+cinder NOVAHOSTS=(root) NOPASSWD: /usr/bin/cinder-rootwrap /etc/cinder/rootwrap.conf *