API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 12th, 2018
138
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.10 KB | None | 0 0
raw download clone embed print report
  1. ###############################################################
  2. # #
  3. # This file is managed by puppet. Any changes you make #
  4. # will be overwritten. If you need to make changes to this #
  5. # file please submit a ticket to the DevOps group. #
  6. # #
  7. ###############################################################
  8.  
  9. #
  10. # This file MUST be edited with the 'visudo' command as root.
  11. #
  12. # Please consider adding local content in /etc/sudoers.d/ instead of
  13. # directly modifying this file.
  14. #
  15. # See the man page for details on how to write a sudoers file.
  16. #
  17. Defaults env_reset
  18. Defaults mail_badpass
  19. Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
  20.  
  21. # Host alias specification
  22.  
  23. # User alias specification
  24.  
  25. # Cmnd alias specification
  26.  
  27. # User privilege specification
  28. root ALL=(ALL:ALL) ALL
  29.  
  30. # Members of the admin group may gain root privileges
  31. %admin ALL=(ALL) ALL
  32.  
  33. # Allow members of group sudo to execute any command
  34. %sudo ALL=(ALL:ALL) ALL
  35.  
  36. ## Allow people in the AD group Linux-sudo-access to run all commands
  37. %Linux-sudo-access ALL=(ALL) ALL
  38. %Linux-sudo-access ALL=(APPUSERS) NOPASSWD: ALL
  39.  
  40. ## Allow developers access to the shared environment users
  41. <% if @hostname =~ /ps-[p]?migration-db/ -%>
  42. Runas_Alias APPUSERS = dev,test,stage,prod,worker,gitlab-runner,migration
  43. <% else -%>
  44. Runas_Alias APPUSERS = dev,test,stage,prod,worker,gitlab-runner
  45. <% end -%>
  46. %Linux-access ALL=(APPUSERS) NOPASSWD: ALL
  47.  
  48. ## Allows the devops user to deploy. This isn't used normally but is setup just in case we have an issue with AD and need to deploy with a local user
  49. devops ALL=(APPUSERS) NOPASSWD: ALL
  50. <% if @hostname =~ /ps-[p]?migration-db/ -%>
  51.  
  52. ## Allows migration user to kick off script used for managing the migration env DBs
  53. migration ALL=(root) NOPASSWD: /home/devops/scripts/migration_test.sh
  54. <% end -%>
  55.  
  56. # See sudoers(5) for more information on "#include" directives:
  57.  
  58. #includedir /etc/sudoers.d
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!