# Host alias specification
Host_Alias QAHOSTS = master, merkel
Host_Alias WEBHOSTS = klecker, wolkenstein
+Host_Alias SECHOSTS = klecker, chopin
# User alias specification
User_Alias QACORE = aba, djpig, geissert, hertzog, jeroen, joerg, lucas, luk, myon, tbm, weasel, zack
# nagios
nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-dabackup ""
# with smartarray controllers
+nagios ALL=(ALL) NOPASSWD: /sbin/hpasmcli ""
nagios ALL=(ALL) NOPASSWD: /usr/bin/arrayprobe ""
nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller all show
nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=[02] pd all show
# wbadm can update all buildd* users' keys on buildd.d.o
%wbadm raff=(root) /usr/local/bin/update-buildd-sshkeys
%wbadm cimarosa=(root) /usr/local/bin/update-buildd-sshkeys
+wbadm cimarosa=(postgres) NOPASSWD: /usr/bin/pg_dumpall --cluster 8.4/wanna-build
# mirror push
dak ries=(archvsync) NOPASSWD:/home/archvsync/runmirrors
planet senfl=(archvsync) NOPASSWD: /home/archvsync/bin/runplanet ""
%debian-release ries=(dak) /usr/local/bin/dak transitions --import *
%ftpteam ries=(dak) /usr/local/bin/dak transitions --import *
# security
-%security klecker=(dak) NOPASSWD: /usr/local/bin/dak new-security-install -[AR] -- *
-%sec_public klecker=(dak) NOPASSWD: /usr/local/bin/dak new-security-install -[AR] -- *
-%sec_data klecker=(archvsync) NOPASSWD: /home/archvsync/security/signal ""
-dak klecker=(archvsync) NOPASSWD: /home/archvsync/signal_security
+%security SECHOSTS=(dak) NOPASSWD: /usr/local/bin/dak new-security-install -[AR] -- *
+%sec_public SECHOSTS=(dak) NOPASSWD: /usr/local/bin/dak new-security-install -[AR] -- *
+%sec_data SECHOSTS=(archvsync) NOPASSWD: /home/archvsync/security/signal ""
+dak SECHOSTS=(archvsync) NOPASSWD: /home/archvsync/signal_security
# web stuff
debwww WEBHOSTS=(archvsync) NOPASSWD: /home/archvsync/webmirrors/runmirrors
# more list stuff
projects / mirror / dsa-puppet.git / blobdiff