crans/crans_bcfg2
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
crans_bcfg2/Python/etc/sudoers
Daniel STAN a5d8def1e0 [sudoers/who2b] execution en root 
cf 7ab984dc694be220bc09a15e7632976b18fb172c (usr-scripts)
on utilise fgconsole qui a besoin d'être root.
2013-03-17 13:43:59 +01:00

79 lines
2.9 KiB
Python
Raw Blame History

# -*- coding: utf-8; mode: python -*-
info["perms"] = 0440
header("Configuration du sudo")
if has("users"):
@Defaults:ALL tty_tickets
if has("wheezy"):
addit = ":ALL"
else:
addit = ""
@Defaults env_keep += "DARCS_EMAIL EDITOR"
if has("wheezy"):
@Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
@# Host alias specification
@# User alias specification
@User_Alias NOUNOUS= %adm
if has("users"):
@User_Alias RESPBATS= %respbats
@User_Alias MODEROS= %moderateurs
@User_Alias IMPRIMEURS= %imprimeurs
@User_Alias BUREAU= %bureau
@Runas_Alias USERS= %users
elif has("2B"):
@User_Alias RESPBATS= %respbats
@# Cmnd alias specification
@# User privilege specification
print "root ALL=(ALL%s) ALL" % (addit)
print "NOUNOUS ALL=(ALL%s) ALL" % (addit)
if has("2B"):
print "RESPBATS ALL=(root%s) NOPASSWD: /usr/scripts/gestion/tools/who2b.py" % (addit)
if has("users"):
@# Les modérateurs ont le whos
print "MODEROS ALL=(respbats%s) /usr/scripts/gestion/whos.py" % (addit)
@# Câbleurs
print "RESPBATS ALL=(respbats%s) /usr/scripts/gestion/gest_crans.py,/usr/scripts/gestion/chgpass.py" % (addit)
print "RESPBATS ALL=(respbats%s) /usr/scripts/admin/mail_invalide/mail_invalide.py, /usr/scripts/admin/controle_tresorier.py, /usr/scripts/admin/controle_tresorier2.py, /usr/scripts/admin/controle_tresorier3.py" % (addit)
print "RESPBATS ALL=(respbats%s) NOPASSWD: /usr/scripts/gestion/whos.py,/usr/scripts/utils/chambre.py,/usr/scripts/stats_cableurs.py,/usr/scripts/gestion/tools/whokfet.py" % (addit)
print "RESPBATS ALL=(respbats%s) /usr/scripts/gestion/ressuscite.py" % (addit)
@# Bureau
print "BUREAU ALL=(respbats%s) /usr/scripts/admin/controle_charte_MA.py, /usr/scripts/admin/menage_cableurs.py" % (addit)
@# intranet
print "respbats ALL=(USERS%s) NOPASSWD: /usr/scripts/gestion/config_mail.py" % (addit)
print "respbats ALL=(root%s) NOPASSWD: /usr/local/bin/quota" % (addit)
@# Génération de codes impression pour les imprimeurs
print "IMPRIMEURS ALL=(root%s) /usr/scripts/impression/gen_code.py" % (addit)
@# Redémarrage de l'intranet pour les imprimeurs
print "IMPRIMEURS ALL=(root%s) /usr/scripts/impression/redemarre_intranet.sh" % (addit)
@# Un chsh pour tout le monde
print "ALL ALL=(respbats%s) /usr/scripts/gestion/chsh.py, NOPASSWD:/usr/local/bin/ldap_whoami" % (addit)
@# Quotas
print "ALL ALL=(respbats%s) NOPASSWD:/usr/local/bin/quota.sh" % (addit)
monit_path = '/usr/%sbin/monit' % ('' if has('wheezy') else 's')
print "%%respbats ALL=(ALL) NOPASSWD: %s summary, %s status" % (monit_path, monit_path)
if has('arpwatch'):
@# arpwatch
print "arpwatch ALL=(arpwatch%s) NOPASSWD:/usr/scripts/surveillance/arpwatch_sendmail.py" % (addit)
# Inclusion de fichier locaux
@#includedir /etc/sudoers.d
Reference in a new issue View git blame Copy permalink