X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fsudo%2Ffiles%2Fsudoers;h=a46afc056aa063a8d18d080b0be2ec98abb7bc1a;hb=67db5724b6dd3c1e629dfe0be5db20821ffcc0f7;hp=445e40851b3b773ac016af7a62203aacaedd0ff3;hpb=760f74512f8a7993ea68648d6693dc93d6a01f5e;p=mirror%2Fdsa-puppet.git diff --git a/modules/sudo/files/sudoers b/modules/sudo/files/sudoers index 445e40851..a46afc056 100644 --- a/modules/sudo/files/sudoers +++ b/modules/sudo/files/sudoers @@ -32,11 +32,10 @@ Host_Alias MEGARAIDHOSTS = rautavaara, sibelius Host_Alias MEGACTLHOSTS = nielsen Host_Alias LISTHOSTS = bendel Host_Alias BUILDD_MASTER = wuiet -Host_Alias BUILDD_PORTS_MASTER = portman Host_Alias PORTERBOXES = abel, asachi, barriere, etler, falla, fischer, harris, merulo, minkus, partch, plummer, pizzetti, smetana, zelenka Host_Alias PIUPARTS_SLAVE_HOSTS = piu-slave-bm-a Host_Alias MQ_HOSTS = rainier, rapoport -Host_Alias NOVAHOSTS = oyens, bm-bl9, bm-bl10, bm-bl11, bm-bl12 +Host_Alias NOVAHOSTS = oyens # Cmnd alias specification @@ -107,6 +106,7 @@ nagios storace=(debbackup) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-backuppg %debadmin ALL=(dak) ALL %debbugs ALL=(debbugs) ALL %debbugs ALL=(debbugs-mirror) ALL +%debconfstatic ALL=(debconfstatic) ALL %debdelta ALL=(debdelta) ALL %debian-cd ALL=(debian-cd) ALL %debian-i18n ALL=(debian-i18n) ALL @@ -121,6 +121,8 @@ nagios storace=(debbackup) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-backuppg %emdebian ALL=(emdebian) ALL %forums ALL=(forums) ALL %gitdoadm ALL=(gitdoadm) ALL +# the git user also exists on adayevskaya where it's a different service.. +%gitdoadm gigault=(git) ALL %httpredir ALL=(httpredir) ALL %httpredir ALL=(httpredir-app) ALL %keyring ALL=(keyring) ALL @@ -197,19 +199,29 @@ debwww wolkenstein=(staticsync) NOPASSWD: /usr/local/bin/static-update-componen %publicity dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component timeline.debian.net pabs dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component timeline.debian.net %lintian lindsay=(staticsync) NOPASSWD: /usr/local/bin/static-update-component lintian.debian.org +%debconfstatic dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component 10years.debconf.org +%debconfstatic dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component debconf0.debconf.org +%debconfstatic dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component debconf1.debconf.org +%debconfstatic dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component debconf2.debconf.org +%debconfstatic dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component debconf3.debconf.org +%debconfstatic dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component debconf4.debconf.org +%debconfstatic dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component debconf5.debconf.org +%debconfstatic dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component debconf6.debconf.org +%debconfstatic dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component debconf7.debconf.org +%debconfstatic dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component es.debconf.org +%debconfstatic dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component fr.debconf.org +%debconfstatic dillon=(staticsync) NOPASSWD: /usr/local/bin/static-update-component miniconf10.debconf.org # The piuparts slave needs to handle chroots piupartss PIUPARTS_SLAVE_HOSTS=(ALL) NOPASSWD: ALL # trigger of mirror run for packages #pkg_user powell=(archvsync) NOPASSWD: /home/archvsync/bin/pushpdo dnsadm denis=(root) NOPASSWD: /usr/sbin/service bind9 reload +letsencrypt denis=(dnsadm) NOPASSWD: /srv/dns.debian.org/bin/update %adm draghi=(puppet) NOPASSWD: /usr/bin/make -s -C /srv/db.debian.org/var/gitnagios/dsa-nagios/config install # wbadm can update all buildd* users' keys on buildd.d.o %wbadm BUILDD_MASTER=(wb-buildd) ALL %wbadm BUILDD_MASTER=(root) /usr/local/bin/update-buildd-sshkeys -# wbadm can update all buildd* users' keys on buildd.d.o -%wbadm-ports BUILDD_PORTS_MASTER=(wb-buildd) ALL -%wbadm-ports BUILDD_PORTS_MASTER=(root) /usr/local/bin/update-buildd-sshkeys # mirror push dak FTPHOSTS,SECHOSTS=(archvsync) NOPASSWD:/home/archvsync/runmirrors dak franck=(backports) NOPASSWD: /home/backports/bin/update-archive @@ -228,6 +240,7 @@ dak SECHOSTS=(archvsync) NOPASSWD: /home/archvsync/signal_security debwww WEBHOSTS=(archvsync) NOPASSWD: /home/archvsync/webmirrors/runmirrors %publicity WEBHOSTS=(debwww) /srv/www.debian.org/update-part News %debvote WEBHOSTS=(debwww) /srv/www.debian.org/update-part vote +%d-i WEBHOSTS=(debwww) /srv/www.debian.org/update-part devel/debian-installer # more list stuff %list LISTHOSTS=(root) /usr/sbin/postfix reload %list stockhausen=(root) /usr/sbin/service jetty restart