d10a8a0672
Ignore-this: 67cdee8f32d7581493d12617ddc97bc2 Bcfg2 a subi deux releases, qui ont pas mal changé les "normes". Les balises suivntes sont remplacées : <ConfigFile> ---------------------------> <Path type="file"> <Directory> ---------------------------> <Path type="directory"> <SymLink> ---------------------------> <Path type="symlink"> etc Pour les fichiers python, désormais, on utilise plus <ConfigFile>, mais <Python> darcs-hash:20121211100127-b6762-f146f4460e9713cb59a25c33a08b551c5280f3b2.gz
73 lines
2.6 KiB
Python
73 lines
2.6 KiB
Python
# -*- coding: utf-8; mode: python -*-
|
|
|
|
info["perms"] = 0440
|
|
|
|
header("Configuration du sudo")
|
|
|
|
if has("users"):
|
|
@Defaults:ALL tty_tickets
|
|
|
|
if has("wheezy"):
|
|
addit = ":ALL"
|
|
else:
|
|
addit = ""
|
|
|
|
@Defaults env_keep += "DARCS_EMAIL"
|
|
|
|
@# Host alias specification
|
|
|
|
@# User alias specification
|
|
@User_Alias NOUNOUS= %adm
|
|
if has("users"):
|
|
@User_Alias RESPBATS= %respbats
|
|
@User_Alias MODEROS= %moderateurs
|
|
@User_Alias IMPRIMEURS= %imprimeurs
|
|
@User_Alias BUREAU= %bureau
|
|
@Runas_Alias USERS= %users
|
|
|
|
elif has("2B"):
|
|
@User_Alias RESPBATS= %respbats
|
|
|
|
@# Cmnd alias specification
|
|
|
|
@# User privilege specification
|
|
print "root ALL=(ALL%s) ALL" % (addit)
|
|
print "NOUNOUS ALL=(ALL%s) ALL" % (addit)
|
|
|
|
if has("2B"):
|
|
print "RESPBATS ALL=(respbats%s) NOPASSWD: /usr/scripts/gestion/tools/who2b.py" % (addit)
|
|
|
|
if has("users"):
|
|
@# Les modérateurs ont le whos
|
|
print "MODEROS ALL=(respbats%s) /usr/scripts/gestion/whos.py" % (addit)
|
|
|
|
@# Câbleurs
|
|
print "RESPBATS ALL=(respbats%s) /usr/scripts/gestion/gest_crans.py,/usr/scripts/gestion/chgpass.py" % (addit)
|
|
print "RESPBATS ALL=(respbats%s) /usr/scripts/admin/mail_invalide/mail_invalide.py, /usr/scripts/admin/controle_tresorier.py, /usr/scripts/admin/controle_tresorier2.py, /usr/scripts/admin/controle_tresorier3.py" % (addit)
|
|
print "RESPBATS ALL=(respbats%s) NOPASSWD: /usr/scripts/gestion/whos.py,/usr/scripts/utils/chambre.py,/usr/scripts/stats_cableurs.py,/usr/scripts/gestion/tools/whokfet.py" % (addit)
|
|
print "RESPBATS ALL=(respbats%s) /usr/scripts/gestion/ressuscite.py" % (addit)
|
|
|
|
@# Bureau
|
|
print "BUREAU ALL=(respbats%s) /usr/scripts/admin/controle_charte_MA.py, /usr/scripts/admin/menage_cableurs.py" % (addit)
|
|
|
|
@# intranet
|
|
print "respbats ALL=(USERS%s) NOPASSWD: /usr/scripts/gestion/config_mail.py" % (addit)
|
|
print "respbats ALL=(root%s) NOPASSWD: /usr/local/bin/quota" % (addit)
|
|
|
|
@# Génération de codes impression pour les imprimeurs
|
|
print "IMPRIMEURS ALL=(root%s) /usr/scripts/impression/gen_code.py" % (addit)
|
|
|
|
@# Redémarrage de l'intranet pour les imprimeurs
|
|
print "IMPRIMEURS ALL=(root%s) /usr/scripts/impression/redemarre_intranet.sh" % (addit)
|
|
|
|
@# Un chsh pour tout le monde
|
|
print "ALL ALL=(respbats%s) /usr/scripts/gestion/chsh.py, NOPASSWD:/usr/local/bin/ldap_whoami" % (addit)
|
|
@# Quotas
|
|
print "ALL ALL=(respbats%s) NOPASSWD:/usr/local/bin/quota.sh" % (addit)
|
|
|
|
if has('arpwatch'):
|
|
@# arpwatch
|
|
print "arpwatch ALL=(arpwatch%s) NOPASSWD:/usr/scripts/surveillance/arpwatch_sendmail.py" % (addit)
|
|
|
|
# Inclusion de fichier locaux
|
|
@#includedir /etc/sudoers.d
|