X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fsudo%2Ffiles%2Fsudoers;h=1407862221f477936ba7fc6f9d95ed942b6f5632;hb=c5af1344dc7bdb0050b613962ed465001ae2b2a8;hp=1755a9f1b31d59fdac5583128bb5223a5a510279;hpb=84511f646431abbd43d46de2dff73ed490dd1bb9;p=mirror%2Fdsa-puppet.git diff --git a/modules/sudo/files/sudoers b/modules/sudo/files/sudoers index 1755a9f1b..140786222 100644 --- a/modules/sudo/files/sudoers +++ b/modules/sudo/files/sudoers @@ -50,6 +50,7 @@ root ALL=(ALL) ALL %zivit-admins ZIVITHOSTS=(ALL) NOPASSWD: ALL # nagios +nagios ALL=(ALL) NOPASSWD: /bin/systemctl is-system-running nagios MQ_HOSTS=(rabbitmq) NOPASSWD: /usr/sbin/rabbitmqctl list_queues -p dsa name messages consumers nagios ALL=(ALL) NOPASSWD: /usr/sbin/service ekeyd-egd-linux restart nagios ALL=(ALL) NOPASSWD: /usr/sbin/service samhain restart @@ -75,7 +76,7 @@ nagios AACRAIDHOSTS=(ALL) NOPASSWD: /usr/local/bin/arcconf GETCONFIG 1 LD, /usr nagios MEGARAIDHOSTS=(ALL) NOPASSWD: /usr/local/bin/megarc -AllAdpInfo -nolog, /usr/local/bin/megarc -dispCfg -a0 -nolog nagios MEGACTLHOSTS=(ALL) NOPASSWD: /usr/sbin/megactl -Hv # other nagios things -nagios beethoven,backuphost=(debbackup) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-backuppg "" +nagios storace=(debbackup) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-backuppg "" # groups and their role accounts %auditor ALL=(accounting) ALL @@ -169,6 +170,7 @@ debwww wolkenstein=(staticsync) NOPASSWD: /usr/local/bin/static-update-componen %debvoip dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component rtc.debian.org %security dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component security-team.debian.org %lintian lilburn=(staticsync) NOPASSWD: /usr/local/bin/static-update-component lintian.debian.org +%lintian lindsay=(staticsync) NOPASSWD: /usr/local/bin/static-update-component lintian.debian.org # The piuparts slave needs to handle chroots piupartss PIUPARTS_SLAVE_HOSTS=(ALL) NOPASSWD: ALL @@ -197,6 +199,7 @@ dak SECHOSTS=(archvsync) NOPASSWD: /home/archvsync/signal_security # web stuff debwww WEBHOSTS=(archvsync) NOPASSWD: /home/archvsync/webmirrors/runmirrors %press WEBHOSTS=(debwww) /srv/www.debian.org/update-part News +%debvote WEBHOSTS=(debwww) /srv/www.debian.org/update-part vote # more list stuff %list LISTHOSTS=(root) /usr/sbin/postfix reload %list stockhausen=(root) /usr/sbin/service jetty restart @@ -205,7 +208,7 @@ debwww WEBHOSTS=(archvsync) NOPASSWD: /home/archvsync/webmirrors/runmirrors %list LISTHOSTS=(amavis) NOPASSWD: /usr/bin/sa-learn %list LISTHOSTS=(amavis) ALL # geodns may reload bind -geodnssync geo1,geo2,geo3=(root) NOPASSWD: /etc/init.d/bind9 reload +geodnssync geo1,geo2,geo3=(root) NOPASSWD: /usr/sbin/service bind9 reload geodnssync geo1,geo2,geo3=(root) NOPASSWD: /usr/sbin/rndc reconfig # pushed nagiosadm reload icinga on tchaikovsky nagiosadm tchaikovsky=(root) NOPASSWD: /usr/sbin/service icinga reload