From: Peter Palfrader Date: Wed, 8 Apr 2009 07:45:36 +0000 (+0200) Subject: new group: pkg_maint, and on powell that needs to trigger archvsync X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=18ede88d9036abeae8ba6b675cf406bbaebaf90d;p=mirror%2Fdsa-puppet.git new group: pkg_maint, and on powell that needs to trigger archvsync --- diff --git a/manifests/site.pp b/manifests/site.pp index 19766c038..ae08b6cd4 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -45,7 +45,7 @@ node default { # test here first case $hostname { - handel,geo1,geo2,geo3,wieck,brahms,bartok,spohr,sperger,carver,rore,malo,peri,penalosa,praetorius,schein,villa,lobos,steffani,kassia,pergolesi,lafayette,rem,albeniz,goetz,smetana,allegri,puccini,ball,argento,arcadelt,dijkstra,schumann,caballero,voltaire,pescetti,mundy,agricola,goedel,lebrun,mayer,mayr,merulo,morales,murphy,paer,saens,schroeder,spontini,widor,zelenka,agnesi,piatti: { include sudo } + handel,geo1,geo2,geo3,wieck,brahms,bartok,spohr,sperger,carver,rore,malo,peri,penalosa,praetorius,schein,villa,lobos,steffani,kassia,pergolesi,lafayette,rem,albeniz,goetz,smetana,allegri,puccini,ball,argento,arcadelt,dijkstra,schumann,caballero,voltaire,pescetti,mundy,agricola,goedel,lebrun,mayer,mayr,merulo,morales,murphy,paer,saens,schroeder,spontini,widor,zelenka,agnesi,piatti,powell: { include sudo } default: {} } } diff --git a/modules/sudo/files/common/sudoers b/modules/sudo/files/common/sudoers index 9601666a1..9ee66eed4 100644 --- a/modules/sudo/files/common/sudoers +++ b/modules/sudo/files/common/sudoers @@ -51,6 +51,7 @@ nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=0 show status %mirroradm ALL=(archvsync) ALL %piuparts ALL=(piupartsm) ALL %piuparts ALL=(piupartss) ALL +%pkg_maint ALL=(pkg_user) ALL %uddadm ALL=(udd) ALL %wikiadm ALL=(wiki) ALL @@ -63,3 +64,5 @@ buildd ALL=(ALL) NOPASSWD: ALL %buildd ALL=(buildd) ALL # The piuparts slave needs to handle chroots piupartss piatti=(ALL) NOPASSWD: ALL +# trigger of mirror run for packages +pkg_user powell=(archvsync) NOPASSWD: /home/archvsync/bin/pushpdo diff --git a/modules/sudo/files/per-host/powell.debian.org/sudoers b/modules/sudo/files/per-host/powell.debian.org/sudoers deleted file mode 100644 index 6b12d19f0..000000000 --- a/modules/sudo/files/per-host/powell.debian.org/sudoers +++ /dev/null @@ -1,35 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# /etc/sudoers -# -# This file MUST be edited with the 'visudo' command as root. -# -# See the man page for details on how to write a sudoers file. -# - -Defaults env_reset - -# Host alias specification - -# User alias specification - -# Cmnd alias specification - -# User privilege specification -root ALL=(ALL) ALL - -# Debian-admin -%adm ALL=(ALL) ALL -%adm ALL=(ALL) NOPASSWD: /usr/bin/apt-get update, /usr/bin/apt-get dist-upgrade, /usr/bin/apt-get clean, /usr/sbin/samhain -t check -i -p err -s none -l none -m none - -%pkg_maint ALL=(pkg_user) ALL -%mirroradm ALL=(archvsync) ALL -pkg_user ALL=(archvsync) NOPASSWD: /home/archvsync/bin/pushpdo - -nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-dabackup "" -nagios ALL=(ALL) NOPASSWD: /usr/local/bin/tw_cli info c0 u0 status -nagios ALL=(ALL) NOPASSWD: /usr/sbin/samhain -t check --foreground -p err -s none -l none -m none -nagios ALL=(ALL) NOPASSWD: /usr/local/sbin/areca-cli vsf info