Removes nagios sudo privilege definition from evolix-users
The nagios-nrpe role will define those privileges instead.
This commit is contained in:
parent
c28e15231f
commit
965bde878f
|
@ -3,11 +3,5 @@ Defaults umask=0077
|
|||
Cmnd_Alias MAINT = /usr/share/scripts/evomaintenance.sh, /usr/share/scripts/listupgrade.sh, /usr/bin/apt, /bin/mount
|
||||
User_Alias ADMINS = {{ user.name }}
|
||||
|
||||
nagios ALL = NOPASSWD: /usr/lib/nagios/plugins/check_procs
|
||||
nagios ALL = NOPASSWD: /usr/local/lib/nagios/plugins/check_minifirewall
|
||||
nagios ALL = NOPASSWD: /usr/local/lib/nagios/plugins/check_haproxy_stats
|
||||
nagios ALL = NOPASSWD: /usr/sbin/bkctld check
|
||||
nagios ALL = (clamav) NOPASSWD: /usr/bin/clamscan /tmp/safe.txt
|
||||
|
||||
ADMINS ALL = (ALL:ALL) ALL
|
||||
ADMINS ALL = NOPASSWD: MAINT
|
||||
|
|
|
@ -2,11 +2,5 @@ Defaults umask=0077
|
|||
|
||||
Cmnd_Alias MAINT = /usr/share/scripts/evomaintenance.sh, /usr/share/scripts/listupgrade.sh, /usr/bin/apt, /bin/mount
|
||||
|
||||
nagios ALL = NOPASSWD: /usr/lib/nagios/plugins/check_procs
|
||||
nagios ALL = NOPASSWD: /usr/local/lib/nagios/plugins/check_minifirewall
|
||||
nagios ALL = NOPASSWD: /usr/local/lib/nagios/plugins/check_haproxy_stats
|
||||
nagios ALL = NOPASSWD: /usr/sbin/bkctld check
|
||||
nagios ALL = (clamav) NOPASSWD: /usr/bin/clamscan /tmp/safe.txt
|
||||
|
||||
%{{ evolinux_sudo_group }} ALL=(ALL:ALL) ALL
|
||||
%{{ evolinux_sudo_group }} ALL = NOPASSWD: MAINT
|
||||
|
|
|
@ -72,3 +72,13 @@
|
|||
notify: restart nagios-nrpe-server
|
||||
tags:
|
||||
- nagios-nrpe
|
||||
|
||||
- name: Nagios user has proper sudo privileges
|
||||
copy:
|
||||
src: nagios_sudoers
|
||||
dest: /etc/sudoers.d/nagios
|
||||
mode: "0440"
|
||||
validate: '/usr/sbin/visudo -cf %s'
|
||||
tags:
|
||||
- nagios-nrpe
|
||||
- nagios-plugins
|
Loading…
Reference in New Issue