Add sudoers files

[mirror/dsa-puppet.git] / modules / sudo / files / per-host / piatti.debian.org / sudoers

diff --git a/modules/sudo/files/per-host/piatti.debian.org/sudoers b/modules/sudo/files/per-host/piatti.debian.org/sudoers
new file mode 100644 (file)
index 0000000..ba2ea8d
--- /dev/null
+++ b/modules/sudo/files/per-host/piatti.debian.org/sudoers
@@ -0,0 +1,46 @@
+##
+## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
+##
+
+# /etc/sudoers
+#
+# This file MUST be edited with the 'visudo' command as root.
+#
+# See the man page for details on how to write a sudoers file.
+#
+
+Defaults       env_reset
+
+# Host alias specification
+
+# User alias specification
+
+# Cmnd alias specification
+
+# User privilege specification
+root   ALL=(ALL) ALL
+
+%adm    ALL=(ALL) ALL
+%adm    ALL=(ALL) NOPASSWD: /usr/bin/apt-get update, /usr/bin/apt-get dist-upgrade, /usr/bin/apt-get clean, /usr/sbin/samhain -t check -i -p err -s none -l none -m none
+
+# The piuparts slave needs to handle chroots
+piupartss      ALL=(ALL) NOPASSWD: ALL
+
+#piuparts admins
+%piuparts      ALL=(piupartss) ALL
+%piuparts      ALL=(piupartsm) ALL
+
+%mirroradm     ALL=(archvsync) ALL
+%uddadm                ALL=(udd) ALL
+%debbugs       ALL=(debbugs) ALL
+%apachectrl    ALL=(root) /usr/sbin/apache2-vhost-update
+
+nagios  ALL=(ALL) NOPASSWD: /usr/bin/arrayprobe ""
+nagios  ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-dabackup ""
+nagios  ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller all show
+nagios  ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=0 pd all show
+nagios  ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=0 pd [0-9]\:[0-9] show
+nagios  ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=0 pd [0-9]I\:[0-9]\:[0-9] show
+nagios  ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=0 show status
+nagios  ALL=(ALL) NOPASSWD: /usr/sbin/samhain -t check --foreground -p err -s none -l none -m none