diff options
| author | Vagrant Cascadian <vagrant@debian.org> | 2017-08-02 17:03:03 -0400 |
|---|---|---|
| committer | Holger Levsen <holger@layer-acht.org> | 2017-08-03 16:22:39 -0400 |
| commit | 4c5ea6af7385064575531b1572c9bebf999b005d (patch) | |
| tree | c8528a53c4157d3e5b945149e887f5eaf117a247 /hosts/jtx1b-armhf-rb/etc/sudoers.d | |
| parent | 34c1dd358e6879664f12703ccdcd1e88f11854b1 (diff) | |
| download | jenkins.debian.net-4c5ea6af7385064575531b1572c9bebf999b005d.tar.xz | |
reproducible: Add two new armhf builders (jtk1b, jtx1b).
Temporarily disable two armhf build nodes (jtk1a down, ff64a too
slow).
Add an additional build job, as the new machines have more capacity
than the old.
Signed-off-by: Holger Levsen <holger@layer-acht.org>
Diffstat (limited to 'hosts/jtx1b-armhf-rb/etc/sudoers.d')
| -rw-r--r-- | hosts/jtx1b-armhf-rb/etc/sudoers.d/jenkins | 51 | ||||
| -rw-r--r-- | hosts/jtx1b-armhf-rb/etc/sudoers.d/jenkins-adm | 7 |
2 files changed, 58 insertions, 0 deletions
diff --git a/hosts/jtx1b-armhf-rb/etc/sudoers.d/jenkins b/hosts/jtx1b-armhf-rb/etc/sudoers.d/jenkins new file mode 100644 index 00000000..d249be94 --- /dev/null +++ b/hosts/jtx1b-armhf-rb/etc/sudoers.d/jenkins @@ -0,0 +1,51 @@ +jenkins ALL= \ + NOPASSWD: /usr/sbin/debootstrap *, \ + /usr/bin/tee /schroots/*, \ + /usr/bin/tee -a /schroots/*, \ + /usr/bin/tee /etc/schroot/chroot.d/jenkins*, \ + /bin/chmod +x /schroots/*, \ + /usr/sbin/chroot /schroots/*, \ + /usr/sbin/chroot /chroots/*, \ + /usr/sbin/chroot /media/*, \ + /bin/ls -la /media/*, \ + /bin/rm -rf --one-file-system /chroots/*, \ + /bin/rm -rf --one-file-system /schroots/*, \ + /bin/rm -rf --one-file-system /srv/live-build/*, \ + /bin/rm -rf --one-file-system /srv/workspace/pbuilder/*, \ + /bin/cp -v *.iso /srv/live-build/results/*, \ + /bin/mv /chroots/* /schroots/*, \ + /bin/mv /schroots/* /schroots/*, \ + /bin/umount -l /chroots/*, \ + /bin/umount -l /schroots/*, \ + /bin/umount -l /media/*, \ + /bin/rmdir /media/*, \ + /bin/mount -o loop*, \ + /bin/mount --bind *, \ + /usr/bin/du *, \ + /bin/kill *, \ + /usr/bin/file *, \ + /bin/dd if=/dev/zero of=/dev/jenkins*, \ + /usr/bin/qemu-system-x86_64 *, \ + /usr/bin/qemu-img *, \ + /sbin/lvcreate *, /sbin/lvremove *, \ + /bin/mkdir -p /media/*, \ + /usr/bin/guestmount *, \ + /bin/cp -rv /media/*, \ + /bin/chown -R jenkins\:jenkins /var/lib/jenkins/jobs/*,\ + SETENV: NOPASSWD: /usr/sbin/pbuilder *, \ + SETENV: NOPASSWD: /usr/bin/timeout -k ??.?h ??h /usr/bin/ionice -c 3 /usr/bin/nice /usr/sbin/pbuilder *, \ + SETENV: NOPASSWD: /usr/bin/timeout -k ??.?h ??h /usr/bin/ionice -c 3 /usr/bin/nice -n 11 /usr/bin/unshare --uts -- /usr/sbin/pbuilder *, \ + /bin/mv /var/cache/pbuilder/*base*.tgz /var/cache/pbuilder/*base*.tgz, \ + /bin/rm /var/cache/pbuilder/*base*.tgz, \ + /bin/rm -v /var/cache/pbuilder/*base*.tgz, \ + /bin/rm /var/cache/pbuilder/result/*, \ + /usr/bin/dcmd rm *.changes, \ + /usr/bin/dcmd rm *.dsc, \ + /usr/bin/apt-get update, \ + /usr/bin/killall timeout, \ + /usr/sbin/slay 1111, \ + /usr/sbin/slay 2222, \ + /usr/sbin/slay jenkins + +# keep these environment variables +Defaults env_keep += "http_proxy", env_reset diff --git a/hosts/jtx1b-armhf-rb/etc/sudoers.d/jenkins-adm b/hosts/jtx1b-armhf-rb/etc/sudoers.d/jenkins-adm new file mode 100644 index 00000000..3c357be2 --- /dev/null +++ b/hosts/jtx1b-armhf-rb/etc/sudoers.d/jenkins-adm @@ -0,0 +1,7 @@ +# allow member of the jenkins-adm group to sudo-to the jenkins-adm user (owner +# of jenkins script) and the jenkins user itself +%jenkins-adm ALL=(jenkins:jenkins) NOPASSWD: ALL +%jenkins-adm ALL=(jenkins-adm:jenkins-adm) NOPASSWD: ALL +# allow jenkins-adm to run everything as root +%jenkins-adm ALL= NOPASSWD: ALL + |