diff options
author | Holger Levsen <holger@layer-acht.org> | 2016-04-28 20:25:15 +0200 |
---|---|---|
committer | Holger Levsen <holger@layer-acht.org> | 2016-04-28 20:25:15 +0200 |
commit | ec764124480dc7b269dd5227aedbcf58b95f324c (patch) | |
tree | 8c1c80852fc4011efe47a73f56e10afa77ee9cc7 /hosts/profitbricks-build9-amd64/etc/sudoers.d | |
parent | 8e9dd4ea89dc6e0035014d0a6ba9ab1423126ef3 (diff) | |
download | jenkins.debian.net-ec764124480dc7b269dd5227aedbcf58b95f324c.tar.xz |
rename pb-build4 to pb-build9
Diffstat (limited to 'hosts/profitbricks-build9-amd64/etc/sudoers.d')
-rw-r--r-- | hosts/profitbricks-build9-amd64/etc/sudoers.d/jenkins | 12 | ||||
-rw-r--r-- | hosts/profitbricks-build9-amd64/etc/sudoers.d/jenkins-adm | 7 |
2 files changed, 19 insertions, 0 deletions
diff --git a/hosts/profitbricks-build9-amd64/etc/sudoers.d/jenkins b/hosts/profitbricks-build9-amd64/etc/sudoers.d/jenkins new file mode 100644 index 00000000..a2d8890b --- /dev/null +++ b/hosts/profitbricks-build9-amd64/etc/sudoers.d/jenkins @@ -0,0 +1,12 @@ +jenkins ALL= \ + NOPASSWD: /usr/sbin/debootstrap *, \ + /usr/sbin/chroot /chroots/*, \ + /bin/rm -rf --one-file-system /chroots/*, \ + /bin/umount -l /chroots/*, \ + /usr/bin/killall timeout, \ + /usr/sbin/slay 1111, \ + /usr/sbin/slay 2222, \ + /usr/sbin/slay jenkins + +# keep these environment variables +Defaults env_keep += "http_proxy", env_reset diff --git a/hosts/profitbricks-build9-amd64/etc/sudoers.d/jenkins-adm b/hosts/profitbricks-build9-amd64/etc/sudoers.d/jenkins-adm new file mode 100644 index 00000000..3c357be2 --- /dev/null +++ b/hosts/profitbricks-build9-amd64/etc/sudoers.d/jenkins-adm @@ -0,0 +1,7 @@ +# allow member of the jenkins-adm group to sudo-to the jenkins-adm user (owner +# of jenkins script) and the jenkins user itself +%jenkins-adm ALL=(jenkins:jenkins) NOPASSWD: ALL +%jenkins-adm ALL=(jenkins-adm:jenkins-adm) NOPASSWD: ALL +# allow jenkins-adm to run everything as root +%jenkins-adm ALL= NOPASSWD: ALL + |