crans/crans_bcfg2
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
crans_bcfg2/Python/etc/sudoers
Daniel STAN cf86caafbe [sudoers] commande sip_message sur zamok 
Permet d'exécuter le script d'envoi de message sip sans être nounou. Ça permet
de faire des trucs kikoo comme écrire en deux lignes un plugin de highlight irc
ou alors avertir de la fin d'une compil en allant se faire un café:
$ make; echo "Build finished (status $?)" | sip_message

Bref, maintenant tout le monde peut s'en servir.
2013-10-07 00:59:27 +02:00

99 lines
3.6 KiB
Python
Raw Blame History

# -*- coding: utf-8; mode: python -*-
info["perms"] = 0440
header("Configuration du sudo")
# Suite du header
@#
@# This file MUST be edited with the 'visudo' command as root.
@#
@# Please consider adding local content in /etc/sudoers.d/ instead of
@# directly modifying this file.
@#
@# See the man page for details on how to write a sudoers file.
@#
if has("users"):
@Defaults:ALL tty_tickets
if has("wheezy"):
addit = ":ALL"
else:
addit = ""
@Defaults env_keep += "DARCS_EMAIL EDITOR"
if has("wheezy"):
@Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
@Defaults passprompt_override
@Defaults passprompt="[sudo] password for %p on %h: "
@# Host alias specification
@# User alias specification
@User_Alias NOUNOUS= %adm
if has("users"):
@User_Alias RESPBATS= %respbats
@User_Alias MODEROS= %moderateurs
@User_Alias IMPRIMEURS= %imprimeurs
@User_Alias BUREAU= %bureau
@Runas_Alias USERS= %users
elif has("2B"):
@User_Alias RESPBATS= %respbats
@# Cmnd alias specification
@# User privilege specification
print "root ALL=(ALL%s) ALL" % (addit)
print "NOUNOUS ALL=(ALL%s) ALL" % (addit)
if has("2B"):
print "RESPBATS ALL=(root%s) NOPASSWD: /usr/scripts/gestion/tools/who2b.py" % (addit)
if has("users"):
@# Les modérateurs ont le whos
print "MODEROS ALL=(respbats%s) /usr/scripts/gestion/whos.py" % (addit)
@# Câbleurs
print "RESPBATS ALL=(respbats%s) /usr/scripts/gestion/gest_crans.py,/usr/scripts/gestion/chgpass.py" % (addit)
print "RESPBATS ALL=(respbats%s) /usr/scripts/gestion/ldap_crans.py --zombielock" % (addit)
print "RESPBATS ALL=(respbats%s) /usr/scripts/gestion/ldap_crans.py --purgelock" % (addit)
print "RESPBATS ALL=(respbats%s) /usr/scripts/admin/mail_invalide/mail_invalide.py, /usr/scripts/admin/controle_tresorier.py, /usr/scripts/admin/controle_tresorier2.py, /usr/scripts/admin/controle_tresorier3.py" % (addit)
print "RESPBATS ALL=(respbats%s) NOPASSWD: /usr/scripts/gestion/whos.py,/usr/scripts/utils/chambre.py,/usr/scripts/utils/stats_cableurs.py,/usr/scripts/gestion/tools/whokfet.py" % (addit)
print "RESPBATS ALL=(respbats%s) /usr/scripts/gestion/ressuscite.py" % (addit)
@# Bureau
print "BUREAU ALL=(respbats%s) /usr/scripts/admin/controle_charte_MA.py, /usr/scripts/admin/menage_cableurs.py" % (addit)
@# intranet
print "respbats ALL=(USERS%s) NOPASSWD: /usr/scripts/gestion/config_mail.py" % (addit)
print "respbats ALL=(root%s) NOPASSWD: /usr/local/bin/quota" % (addit)
@# Génération de codes impression pour les imprimeurs
print "IMPRIMEURS ALL=(root%s) /usr/scripts/impression/gen_code.py" % (addit)
@# Redémarrage de l'intranet pour les imprimeurs
print "IMPRIMEURS ALL=(root%s) /usr/scripts/impression/redemarre_intranet.sh" % (addit)
@# Un chsh pour tout le monde
print "ALL ALL=(respbats%s) /usr/scripts/gestion/chsh.py, NOPASSWD:/usr/local/bin/ldap_whoami" % (addit)
@# Quotas
print "ALL ALL=(respbats%s) NOPASSWD:/usr/local/bin/quota.sh" % (addit)
@# Envoi de message SIP
print "ALL ALL=(respbats%s) NOPASSWD:/usr/scripts/sip/send_sms.py" % (addit)
monit_path = '/usr/%sbin/monit' % ('' if has('wheezy') else 's')
print "%%respbats ALL=(ALL) NOPASSWD: %s summary, %s status" % (monit_path, monit_path)
if has('arpwatch'):
@# arpwatch
print "arpwatch ALL=(arpwatch%s) NOPASSWD:/usr/scripts/surveillance/arpwatch_sendmail.py" % (addit)
# Inclusion de fichier locaux
@
@# See sudoers(5) for more information on "#include" directives:
@
@#includedir /etc/sudoers.d
Reference in a new issue View git blame Copy permalink