Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# Host alias specification
-Host_Alias QAHOSTS = master, quantz, stabile
+Host_Alias QAHOSTS = quantz, stabile
Host_Alias WEBHOSTS = wolkenstein
Host_Alias SECHOSTS = chopin
-Host_Alias FTPHOSTS = franck, morricone, bizet
+Host_Alias FTPHOSTS = franck, morricone
Host_Alias ZIVITHOSTS = zelenka, zandonai
-Host_Alias AACRAIDHOSTS = bellini, morricone, paganini, respighi, vivaldi, beethoven, pettersson
+Host_Alias AACRAIDHOSTS = bellini, morricone, paganini, respighi, beethoven, pettersson
Host_Alias MEGARAIDHOSTS = grieg, rautavaara, sibelius
-Host_Alias MPTRAIDHOSTS = master, fasch, holter, barber, biber, cilea, vitry, krenek, scelsi, orff, field
-Host_Alias MEGACTLHOSTS = lindberg, englund, heininen, nielsen
+Host_Alias MPTRAIDHOSTS = old-master, fasch, holter, barber, biber, cilea, vitry, krenek, orff
+Host_Alias MEGACTLHOSTS = lindberg, englund, nielsen
Host_Alias LISTHOSTS = bendel
# Cmnd alias specification
# nagios
nagios ALL=(ALL) NOPASSWD: /etc/init.d/ekeyd-egd-linux restart
nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-dabackup ""
+nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-filesystems ""
# with smartarray controllers
nagios ALL=(ALL) NOPASSWD: /sbin/hpasmcli ""
nagios ALL=(ALL) NOPASSWD: /usr/bin/arrayprobe ""
nagios franck=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=1 enclosure 1E\:1 show detail
# other raid controllers
-nagios powell=(ALL) NOPASSWD: /usr/local/sbin/areca-cli vsf info
+#nagios powell=(ALL) NOPASSWD: /usr/local/sbin/areca-cli vsf info
nagios puccini=(ALL) NOPASSWD: /usr/local/bin/tw_cli info c0 u0 status
nagios MPTRAIDHOSTS=(ALL) NOPASSWD: /usr/sbin/mpt-status -s
nagios AACRAIDHOSTS=(ALL) NOPASSWD: /usr/local/bin/arcconf GETCONFIG 1 LD, /usr/local/bin/arcconf GETCONFIG 1 AD
%volatile ALL=(volatile) ALL
%wbadm ALL=(wbadm) ALL
%mujeres ALL=(women) ALL
-%wikiadm ALL=(wiki) ALL
+%wikiadm ALL=(wiki,wikiweb) ALL
%qa-core QAHOSTS=(qa) ALL
%gobby gombert=(gobby) ALL
# the dak user gets to run stuff as dak-unpriv (for things like lintian checks)
dak ALL=(dak-unpriv) NOPASSWD: ALL
+%ftptrainee FTPHOSTS=(dak-unpriv) NOPASSWD: /usr/bin/lintian
# some groups are in apachectrl on "their" hosts so they can reload apache and update their vhost
%apachectrl ALL=(root) /usr/sbin/apache2-vhost-update
Defaults:buildd env_reset,env_keep+="APT_CONFIG DEBIAN_FRONTEND"
buildd ALL=(ALL) NOPASSWD: ALL
+%planet senfl=(staticsync) NOPASSWD: /usr/local/bin/static-update-component planet.debian.org
+%debbits master=(staticsync) NOPASSWD: /usr/local/bin/static-update-component bits.debian.org
+%backports franck,ries=(staticsync) NOPASSWD: /usr/local/bin/static-update-component backports.debian.org
+
# The piuparts slave needs to handle chroots
piupartss piatti=(ALL) NOPASSWD: ALL
# trigger of mirror run for packages
-pkg_user powell=(archvsync) NOPASSWD: /home/archvsync/bin/pushpdo
+#pkg_user powell=(archvsync) NOPASSWD: /home/archvsync/bin/pushpdo
# on draghi, the domains git thing will run bind9 reload afterwards
%dnsadm draghi,orff=(root) NOPASSWD: /etc/init.d/bind9 reload
%dnsadm draghi,orff=(geodnssync) NOPASSWD: /usr/bin/make -C /srv/dns.debian.org/geo
# geodns may reload bind
geodnssync geo1,geo2,geo3=(root) NOPASSWD: /etc/init.d/bind9 reload
geodnssync geo1,geo2,geo3=(root) NOPASSWD: /usr/sbin/rndc reconfig
-# fossology
-%fossy vivaldi=(root) /etc/init.d/fossology
-%fossy vivaldi=(fossy) ALL
+# pushed nagiosadm reload icinga on tchaikovsky
+nagiosadm tchaikovsky=(root) NOPASSWD: /usr/sbin/service icinga reload
# Porter work
%porter-armel abel,agricola=(root) /usr/sbin/upgrade-porter-chroots, /usr/bin/apt-in-chroot
projects / dsa-puppet.git / blobdiff