diff options
| author | Mattia Rizzolo <mattia@mapreri.org> | 2015-04-09 01:34:42 +0200 |
|---|---|---|
| committer | Holger Levsen <holger@layer-acht.org> | 2015-04-09 17:00:19 +0200 |
| commit | 9ccd3bc1202498c6c940409aa65124b68ecda735 (patch) | |
| tree | 22e89bfd89f73e45b3951186462014b4bda7df30 /etc | |
| parent | efcc68a2485ed35389eed873462ac97743dd1896 (diff) | |
| download | jenkins.debian.net-9ccd3bc1202498c6c940409aa65124b68ecda735.tar.xz | |
new jenkins-adm user+group and new permissions for its members
* new user jenkins-adm and new group jenkins-adm
* create users and groupp in update_jdn.sh
* files under /srv/jenkins/bin are now jenkins-adm:jenkins-adm, instead of root
* jenkins-specific apache config is now jenkins-adm:jenkins-adm, instead of root
* users in the jenkins-adm group can sudo to the jenkins-adm and jenkins users,
so its members can actually admin jenkins without passing/being root
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/sudoers.d/jenkins-adm | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/sudoers.d/jenkins-adm b/etc/sudoers.d/jenkins-adm new file mode 100644 index 00000000..5cee89f0 --- /dev/null +++ b/etc/sudoers.d/jenkins-adm @@ -0,0 +1,4 @@ +# allow member of the jenkins-adm group to sudo-to the jenkins-adm user (owner +# of jenkins script) and the jenkins user itself +%jenkins-adm ALL=(jenkins:jenkins) NOPASSWD: ALL +%jenkins-adm ALL=(jenkins-amd:jenkins-adm) NOPASSWD: ALL |