X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fsudo%2Ffiles%2Fsudoers;h=45465151646c2167b37043dd59454a17a80262f0;hb=6ac0d4c6b8904fe285480ffc224f70d3e1dbeffb;hp=0efe5cbc56bc79a2c7764fa6b616fe024d41e873;hpb=103e56b48752f77fd66edd1824d82946570ca033;p=mirror%2Fdsa-puppet.git diff --git a/modules/sudo/files/sudoers b/modules/sudo/files/sudoers index 0efe5cbc5..454651516 100644 --- a/modules/sudo/files/sudoers +++ b/modules/sudo/files/sudoers @@ -22,15 +22,15 @@ Defaults passprompt="[sudo] password for %u on %h: " Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" # Host alias specification -Host_Alias QAHOSTS = master, quantz, stabile +Host_Alias QAHOSTS = quantz, stabile Host_Alias WEBHOSTS = wolkenstein Host_Alias SECHOSTS = chopin -Host_Alias FTPHOSTS = franck, morricone, bizet +Host_Alias FTPHOSTS = franck, morricone Host_Alias ZIVITHOSTS = zelenka, zandonai -Host_Alias AACRAIDHOSTS = bellini, morricone, paganini, respighi, vivaldi, beethoven, pettersson +Host_Alias AACRAIDHOSTS = bellini, morricone, paganini, respighi, beethoven, pettersson Host_Alias MEGARAIDHOSTS = grieg, rautavaara, sibelius -Host_Alias MPTRAIDHOSTS = master, fasch, holter, barber, biber, cilea, vitry, krenek, scelsi, orff, field -Host_Alias MEGACTLHOSTS = lindberg, englund, heininen, nielsen +Host_Alias MPTRAIDHOSTS = old-master, fasch, holter, barber, biber, cilea, vitry, krenek, orff +Host_Alias MEGACTLHOSTS = lindberg, englund, nielsen Host_Alias LISTHOSTS = bendel # Cmnd alias specification @@ -48,6 +48,8 @@ root ALL=(ALL) ALL # nagios nagios ALL=(ALL) NOPASSWD: /etc/init.d/ekeyd-egd-linux restart nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-dabackup "" +nagios dinis=(ALL) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-bacula +nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-filesystems "" # with smartarray controllers nagios ALL=(ALL) NOPASSWD: /sbin/hpasmcli "" nagios ALL=(ALL) NOPASSWD: /usr/bin/arrayprobe "" @@ -60,6 +62,14 @@ nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=[0129] pd [0-9][E nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=[0129] show status nagios franck=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=1 enclosure 1E\:1 show detail +nagios ALL=(ALL) NOPASSWD: setarch x86_64 --uname-2.6 /usr/sbin/hpacucli controller all show +nagios ALL=(ALL) NOPASSWD: setarch x86_64 --uname-2.6 /usr/sbin/hpacucli controller slot=[0129] pd all show +nagios ALL=(ALL) NOPASSWD: setarch x86_64 --uname-2.6 /usr/sbin/hpacucli controller slot=[0129] pd [0-9]\:[0-9] show +nagios ALL=(ALL) NOPASSWD: setarch x86_64 --uname-2.6 /usr/sbin/hpacucli controller slot=[0129] pd [0-9][EIC]\:[0-9]\:[0-9] show +nagios ALL=(ALL) NOPASSWD: setarch x86_64 --uname-2.6 /usr/sbin/hpacucli controller slot=[0129] pd [0-9][EIC]\:[0-9]\:[0-9][0-9] show +nagios ALL=(ALL) NOPASSWD: setarch x86_64 --uname-2.6 /usr/sbin/hpacucli controller slot=[0129] show status +nagios franck=(ALL) NOPASSWD: setarch x86_64 --uname-2.6 /usr/sbin/hpacucli controller slot=1 enclosure 1E\:1 show detail + # other raid controllers nagios powell=(ALL) NOPASSWD: /usr/local/sbin/areca-cli vsf info nagios puccini=(ALL) NOPASSWD: /usr/local/bin/tw_cli info c0 u0 status @@ -110,12 +120,13 @@ nagios beethoven=(debbackup) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-backup %volatile ALL=(volatile) ALL %wbadm ALL=(wbadm) ALL %mujeres ALL=(women) ALL -%wikiadm ALL=(wiki) ALL +%wikiadm ALL=(wiki,wikiweb) ALL %qa-core QAHOSTS=(qa) ALL %gobby gombert=(gobby) ALL # the dak user gets to run stuff as dak-unpriv (for things like lintian checks) dak ALL=(dak-unpriv) NOPASSWD: ALL +%ftptrainee FTPHOSTS=(dak-unpriv) NOPASSWD: /usr/bin/lintian # some groups are in apachectrl on "their" hosts so they can reload apache and update their vhost %apachectrl ALL=(root) /usr/sbin/apache2-vhost-update @@ -125,6 +136,9 @@ dak ALL=(dak-unpriv) NOPASSWD: ALL Defaults:buildd env_reset,env_keep+="APT_CONFIG DEBIAN_FRONTEND" buildd ALL=(ALL) NOPASSWD: ALL +%planet senfl=(staticsync) NOPASSWD: /usr/local/bin/static-update-component planet.debian.org +%debbits master=(staticsync) NOPASSWD: /usr/local/bin/static-update-component bits.debian.org + # The piuparts slave needs to handle chroots piupartss piatti=(ALL) NOPASSWD: ALL # trigger of mirror run for packages @@ -166,17 +180,16 @@ debwww WEBHOSTS=(archvsync) NOPASSWD: /home/archvsync/webmirrors/runmirrors # geodns may reload bind geodnssync geo1,geo2,geo3=(root) NOPASSWD: /etc/init.d/bind9 reload geodnssync geo1,geo2,geo3=(root) NOPASSWD: /usr/sbin/rndc reconfig -# fossology -%fossy vivaldi=(root) /etc/init.d/fossology -%fossy vivaldi=(fossy) ALL +# pushed nagiosadm reload icinga on tchaikovsky +nagiosadm tchaikovsky=(root) NOPASSWD: /usr/sbin/service icinga reload # Porter work -%porter-armel abel,agricola=(root) NOPASSWD: /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot -%porter-armel harris=(root) NOPASSWD: /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot -%porter-amd64 barriere,pergolesi=(root) NOPASSWD: /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot -%porter-hppa paer=(root) NOPASSWD: /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot -%porter-ia64 merulo=(root) NOPASSWD: /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot -%porter-mips eder,gabrielli=(root) NOPASSWD: /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot -%porter-ppc partch=(root) NOPASSWD: /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot -%porter-s390 zelenka=(root) NOPASSWD: /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot -%porter-sparc smetana,sperger=(root) NOPASSWD: /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot +%porter-armel abel,agricola=(root) /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot +%porter-armel harris=(root) /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot +%porter-amd64 barriere,pergolesi=(root) /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot +%porter-bsd falla,fischer=(root) /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot +%porter-ia64 merulo=(root) /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot +%porter-mips eder,gabrielli=(root) /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot +%porter-ppc partch=(root) /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot +%porter-s390 zelenka=(root) /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot +%porter-sparc smetana,sperger=(root) /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot