allow nagios to check puppet's ca cert
authorPeter Palfrader <peter@palfrader.org>
Wed, 5 Aug 2015 06:59:21 +0000 (08:59 +0200)
committerPeter Palfrader <peter@palfrader.org>
Wed, 5 Aug 2015 06:59:21 +0000 (08:59 +0200)
modules/sudo/files/sudoers

index 247993f..c36c0c3 100644 (file)
@@ -59,6 +59,7 @@ nagios                ALL=(ALL)       NOPASSWD: /usr/lib/nagios/plugins/dsa-check-filesystems ""
 nagios         ALL=(ALL)       NOPASSWD: /usr/lib/nagios/plugins/dsa-check-libs ""
 nagios         ALL=(ALL)       NOPASSWD: /usr/lib/nagios/plugins/dsa-check-stunnel-sanity ""
 nagios         ALL=(ALL)       NOPASSWD: /usr/local/sbin/dsa-check-libs ""
+nagios         handel=(ALL)    NOPASSWD: /usr/lib/nagios/plugins/dsa-check-cert-expire /var/lib/puppet/ssl/certs/ca.pem
 # with smartarray controllers
 nagios         ALL=(ALL)       NOPASSWD: /sbin/hpasmcli ""
 nagios         ALL=(ALL)       NOPASSWD: /usr/bin/arrayprobe ""