new group: pkg_maint, and on powell that needs to trigger archvsync

diff --git a/manifests/site.pp b/manifests/site.pp
index 19766c038dbcde7041f9310ca2a082241fb453c7..ae08b6cd4ff3cd6e8e5ab994ec4b886502a28a4c 100644 (file)
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -45,7 +45,7 @@ node default {
 
     # test here first
     case $hostname {
-        handel,geo1,geo2,geo3,wieck,brahms,bartok,spohr,sperger,carver,rore,malo,peri,penalosa,praetorius,schein,villa,lobos,steffani,kassia,pergolesi,lafayette,rem,albeniz,goetz,smetana,allegri,puccini,ball,argento,arcadelt,dijkstra,schumann,caballero,voltaire,pescetti,mundy,agricola,goedel,lebrun,mayer,mayr,merulo,morales,murphy,paer,saens,schroeder,spontini,widor,zelenka,agnesi,piatti:    { include sudo }
+        handel,geo1,geo2,geo3,wieck,brahms,bartok,spohr,sperger,carver,rore,malo,peri,penalosa,praetorius,schein,villa,lobos,steffani,kassia,pergolesi,lafayette,rem,albeniz,goetz,smetana,allegri,puccini,ball,argento,arcadelt,dijkstra,schumann,caballero,voltaire,pescetti,mundy,agricola,goedel,lebrun,mayer,mayr,merulo,morales,murphy,paer,saens,schroeder,spontini,widor,zelenka,agnesi,piatti,powell:    { include sudo }
         default:   {}
     }
 }

diff --git a/modules/sudo/files/common/sudoers b/modules/sudo/files/common/sudoers
index 9601666a10dd6b518e6dc160c45f08090c99d6e1..9ee66eed4ac6723474456969bc4fb5dc929d6230 100644 (file)
--- a/modules/sudo/files/common/sudoers
+++ b/modules/sudo/files/common/sudoers
@@ -51,6 +51,7 @@ nagios                ALL=(ALL)       NOPASSWD: /usr/sbin/hpacucli controller slot=0 show status
 %mirroradm     ALL=(archvsync) ALL
 %piuparts      ALL=(piupartsm) ALL
 %piuparts      ALL=(piupartss) ALL
+%pkg_maint     ALL=(pkg_user)  ALL
 %uddadm                ALL=(udd)       ALL
 %wikiadm       ALL=(wiki)      ALL
 
@@ -63,3 +64,5 @@ buildd                ALL=(ALL)       NOPASSWD: ALL
 %buildd                ALL=(buildd)    ALL
 # The piuparts slave needs to handle chroots
 piupartss      piatti=(ALL)    NOPASSWD: ALL
+# trigger of mirror run for packages
+pkg_user       powell=(archvsync) NOPASSWD: /home/archvsync/bin/pushpdo

diff --git a/modules/sudo/files/per-host/powell.debian.org/sudoers b/modules/sudo/files/per-host/powell.debian.org/sudoers
deleted file mode 100644 (file)
index 6b12d19..0000000
--- a/modules/sudo/files/per-host/powell.debian.org/sudoers
+++ /dev/null
@@ -1,35 +0,0 @@
-##
-## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
-##
-
-# /etc/sudoers
-#
-# This file MUST be edited with the 'visudo' command as root.
-#
-# See the man page for details on how to write a sudoers file.
-#
-
-Defaults       env_reset
-
-# Host alias specification
-
-# User alias specification
-
-# Cmnd alias specification
-
-# User privilege specification
-root   ALL=(ALL) ALL
-
-# Debian-admin
-%adm    ALL=(ALL) ALL
-%adm    ALL=(ALL) NOPASSWD: /usr/bin/apt-get update, /usr/bin/apt-get dist-upgrade, /usr/bin/apt-get clean, /usr/sbin/samhain -t check -i -p err -s none -l none -m none
-
-%pkg_maint ALL=(pkg_user) ALL
-%mirroradm ALL=(archvsync) ALL
-pkg_user ALL=(archvsync) NOPASSWD: /home/archvsync/bin/pushpdo
-
-nagios  ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/dsa-check-dabackup ""
-nagios  ALL=(ALL) NOPASSWD: /usr/local/bin/tw_cli info c0 u0 status
-nagios  ALL=(ALL) NOPASSWD: /usr/sbin/samhain -t check --foreground -p err -s none -l none -m none
-nagios  ALL=(ALL) NOPASSWD: /usr/local/sbin/areca-cli vsf info