Allow nagios to check the SSL CA cert

diff --git a/modules/sudo/files/sudoers b/modules/sudo/files/sudoers
index 6882977..a134ca0 100644 (file)
--- a/modules/sudo/files/sudoers
+++ b/modules/sudo/files/sudoers
@@ -64,6 +64,7 @@ nagios                ALL=(ALL)       NOPASSWD: /usr/lib/nagios/plugins/dsa-check-libs --ignore-youn
 nagios         ALL=(ALL)       NOPASSWD: /usr/lib/nagios/plugins/dsa-check-stunnel-sanity ""
 nagios         ALL=(ALL)       NOPASSWD: /usr/lib/nagios/plugins/dsa-check-systemd-services ""
 nagios         handel=(puppet) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-cert-expire /var/lib/puppet/ssl/certs/ca.pem
+nagios         handel=(puppet) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-cert-expire /srv/puppet.debian.org/ca/ca.crt
 # with smartarray controllers
 nagios         ALL=(ALL)       NOPASSWD: /sbin/hpasmcli ""
 nagios         ALL=(ALL)       NOPASSWD: /usr/bin/arrayprobe ""