# nagios
nagios ALL=(ALL) NOPASSWD: /etc/init.d/ekeyd-egd-linux restart
nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-dabackup ""
+nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-filesystems ""
# with smartarray controllers
nagios ALL=(ALL) NOPASSWD: /sbin/hpasmcli ""
nagios ALL=(ALL) NOPASSWD: /usr/bin/arrayprobe ""
%volatile ALL=(volatile) ALL
%wbadm ALL=(wbadm) ALL
%mujeres ALL=(women) ALL
-%wikiadm ALL=(wiki) ALL
+%wikiadm ALL=(wiki,wikiweb) ALL
%qa-core QAHOSTS=(qa) ALL
%gobby gombert=(gobby) ALL
# the dak user gets to run stuff as dak-unpriv (for things like lintian checks)
dak ALL=(dak-unpriv) NOPASSWD: ALL
+%ftptrainee FTPHOSTS=(dak-unpriv) NOPASSWD: /usr/bin/lintian
# some groups are in apachectrl on "their" hosts so they can reload apache and update their vhost
%apachectrl ALL=(root) /usr/sbin/apache2-vhost-update
Defaults:buildd env_reset,env_keep+="APT_CONFIG DEBIAN_FRONTEND"
buildd ALL=(ALL) NOPASSWD: ALL
+%planet senfl=(staticsync) NOPASSWD: /usr/local/bin/static-update-component planet.debian.org
+
# The piuparts slave needs to handle chroots
piupartss piatti=(ALL) NOPASSWD: ALL
# trigger of mirror run for packages
geodnssync geo1,geo2,geo3=(root) NOPASSWD: /etc/init.d/bind9 reload
geodnssync geo1,geo2,geo3=(root) NOPASSWD: /usr/sbin/rndc reconfig
# pushed nagiosadm reload icinga on tchaikovsky
-nagiosadm tchaikovsky=(root) /usr/sbin/service icinga reload
+nagiosadm tchaikovsky=(root) NOPASSWD: /usr/sbin/service icinga reload
# Porter work
%porter-armel abel,agricola=(root) /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot
projects / mirror / dsa-puppet.git / blobdiff