X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fsudo%2Ffiles%2Fcommon%2Fsudoers;h=ed437c0a5f47c83af2d5c5c28e6f5bc09ddf3f0c;hb=a057a77fc2e7f761e7d6ae69655e91ff60d653a0;hp=bfa938920fc770fd053b04c53ceb1a0729df120a;hpb=68c6ebbcb261bb932b83c496f3f8fe8add343395;p=mirror%2Fdsa-puppet.git diff --git a/modules/sudo/files/common/sudoers b/modules/sudo/files/common/sudoers index bfa938920..ed437c0a5 100644 --- a/modules/sudo/files/common/sudoers +++ b/modules/sudo/files/common/sudoers @@ -24,9 +24,9 @@ Defaults passprompt="[sudo] password for %u on %h: " Host_Alias QAHOSTS = master, merkel, quantz Host_Alias WEBHOSTS = wolkenstein Host_Alias SECHOSTS = chopin -Host_Alias FTPHOSTS = franck, ries +Host_Alias FTPHOSTS = franck, morricone Host_Alias ZIVITHOSTS = zelenka, zandonai -Host_Alias AACRAIDHOSTS = bellini, cimarosa, morricone, paganini, respighi, vivaldi, beethoven, pettersson +Host_Alias AACRAIDHOSTS = bellini, morricone, paganini, respighi, vivaldi, beethoven, pettersson Host_Alias MEGARAIDHOSTS = grieg, rautavaara, sibelius Host_Alias MPTRAIDHOSTS = master, fasch, holter, barber, biber, cilea, vitry, krenek, scelsi, orff, field @@ -38,7 +38,7 @@ root ALL=(ALL) ALL # DSA and local admins %adm ALL=(ALL) ALL -%adm ALL=(ALL) NOPASSWD: /usr/bin/apt-get update, /usr/bin/apt-get dist-upgrade, /usr/bin/apt-get clean, /usr/sbin/samhain -t check -i -p err -s none -l none -m none, /usr/sbin/upgrade-porter-chroots +%adm ALL=(ALL) NOPASSWD: /usr/bin/apt-get update, /usr/bin/apt-get upgrade, /usr/bin/apt-get dist-upgrade, /usr/bin/apt-get clean, /usr/sbin/samhain -t check -i -p err -s none -l none -m none, /usr/sbin/upgrade-porter-chroots admin agnesi=(ALL) ALL %zivit-admins ZIVITHOSTS=(ALL) NOPASSWD: ALL @@ -67,6 +67,7 @@ nagios MEGARAIDHOSTS=(ALL) NOPASSWD: /usr/local/bin/megarc -AllAdpInfo -nolog, nagios beethoven=(debbackup) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-backuppg "" # groups and their role accounts +%backports ALL=(backports) ALL %buildd ALL=(buildd) ALL %d-i ALL=(d-i) ALL %dde ALL=(dde) ALL @@ -90,6 +91,7 @@ nagios beethoven=(debbackup) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-backup %pkg_maint ALL=(pkg_user) ALL %planet ALL=(planet) ALL %popcon ALL=(popcon) ALL +%search ALL=(search) ALL %secretary ALL=(secretary) ALL %sectracker ALL=(sectracker) ALL %security SECHOSTS=(mail_security) ALL @@ -121,7 +123,7 @@ joerg unger=(ALL) /usr/bin/sispmctl -t [12], /usr/bin/sispmctl -g [12] %wbadm grieg=(root) /usr/local/bin/update-buildd-sshkeys wbadm grieg=(postgres) NOPASSWD: /usr/bin/pg_dumpall --cluster 8.4/wanna-build # mirror push -dak FTPHOSTS,morricone=(archvsync) NOPASSWD:/home/archvsync/runmirrors +dak FTPHOSTS,SECHOSTS=(archvsync) NOPASSWD:/home/archvsync/runmirrors planet senfl=(archvsync) NOPASSWD: /home/archvsync/bin/runplanet "" # archvsync triggers snapshot archvsync sibelius,stabile=(snapshot) NOPASSWD: /srv/snapshot.debian.org/bin/update-trigger @@ -132,8 +134,8 @@ debbugs-mirror rietz=(root) NOPASSWD: /usr/bin/vos release -id srv.mirrors.bugs %debian-release FTPHOSTS=(dak) /usr/local/bin/dak transitions --import * %ftpteam FTPHOSTS=(dak) /usr/local/bin/dak transitions --import * # security -%security SECHOSTS=(dak) NOPASSWD: /usr/local/bin/dak new-security-install -[AR] -- * -%sec_public SECHOSTS=(dak) NOPASSWD: /usr/local/bin/dak new-security-install -[AR] -- * +%security SECHOSTS=(dak) NOPASSWD: /usr/local/bin/dak new-security-install -[AR] +%sec_public SECHOSTS=(dak) NOPASSWD: /usr/local/bin/dak new-security-install -[AR] %sec_public SECHOSTS=(dak) NOPASSWD: /home/dak/trigger_mirror dak SECHOSTS=(archvsync) NOPASSWD: /home/archvsync/signal_security # web stuff