From c43b4f3e2d537a1e9c2ff510f071d233f202bc50 Mon Sep 17 00:00:00 2001
From: Holger Levsen <holger@layer-acht.org>
Date: Fri, 26 May 2017 23:27:53 +0200
Subject: reproducible Debian: add niceness variation (Closes: #863440)

Signed-off-by: Holger Levsen <holger@layer-acht.org>
---
 .../etc/sudoers.d/jenkins                          | 39 ++++++++++++++++++++++
 1 file changed, 39 insertions(+)

(limited to 'hosts/profitbricks-build9-amd64/etc/sudoers.d/jenkins')

diff --git a/hosts/profitbricks-build9-amd64/etc/sudoers.d/jenkins b/hosts/profitbricks-build9-amd64/etc/sudoers.d/jenkins
index a2d8890b..d249be94 100644
--- a/hosts/profitbricks-build9-amd64/etc/sudoers.d/jenkins
+++ b/hosts/profitbricks-build9-amd64/etc/sudoers.d/jenkins
@@ -1,8 +1,47 @@
 jenkins ALL=  \
 	NOPASSWD: /usr/sbin/debootstrap *, \
+	/usr/bin/tee /schroots/*, \
+	/usr/bin/tee -a /schroots/*, \
+	/usr/bin/tee /etc/schroot/chroot.d/jenkins*, \
+	/bin/chmod +x /schroots/*, \
+	/usr/sbin/chroot /schroots/*, \
 	/usr/sbin/chroot /chroots/*, \
+	/usr/sbin/chroot /media/*, \
+	/bin/ls -la /media/*, \
 	/bin/rm -rf --one-file-system /chroots/*, \
+	/bin/rm -rf --one-file-system /schroots/*, \
+	/bin/rm -rf --one-file-system /srv/live-build/*, \
+	/bin/rm -rf --one-file-system /srv/workspace/pbuilder/*, \
+	/bin/cp -v *.iso /srv/live-build/results/*, \
+	/bin/mv /chroots/* /schroots/*, \
+	/bin/mv /schroots/* /schroots/*, \
 	/bin/umount -l /chroots/*, \
+	/bin/umount -l /schroots/*, \
+	/bin/umount -l /media/*, \
+	/bin/rmdir /media/*, \
+	/bin/mount -o loop*, \
+	/bin/mount --bind *, \
+	/usr/bin/du *, \
+	/bin/kill *, \
+	/usr/bin/file *, \
+	/bin/dd if=/dev/zero of=/dev/jenkins*, \
+	/usr/bin/qemu-system-x86_64 *, \
+	/usr/bin/qemu-img *, \
+	/sbin/lvcreate *, /sbin/lvremove *, \
+	/bin/mkdir -p /media/*, \
+	/usr/bin/guestmount *, \
+	/bin/cp -rv /media/*, \
+	/bin/chown -R jenkins\:jenkins /var/lib/jenkins/jobs/*,\
+	SETENV: NOPASSWD: /usr/sbin/pbuilder *, \
+	SETENV: NOPASSWD: /usr/bin/timeout -k ??.?h ??h /usr/bin/ionice -c 3 /usr/bin/nice /usr/sbin/pbuilder *, \
+	SETENV: NOPASSWD: /usr/bin/timeout -k ??.?h ??h /usr/bin/ionice -c 3 /usr/bin/nice -n 11 /usr/bin/unshare --uts -- /usr/sbin/pbuilder *, \
+	/bin/mv /var/cache/pbuilder/*base*.tgz /var/cache/pbuilder/*base*.tgz, \
+	/bin/rm /var/cache/pbuilder/*base*.tgz, \
+	/bin/rm -v /var/cache/pbuilder/*base*.tgz, \
+	/bin/rm /var/cache/pbuilder/result/*, \
+	/usr/bin/dcmd rm *.changes, \
+	/usr/bin/dcmd rm *.dsc, \
+	/usr/bin/apt-get update, \
 	/usr/bin/killall timeout, \
 	/usr/sbin/slay 1111, \
 	/usr/sbin/slay 2222, \
-- 
cgit v1.2.3-54-g00ecf