Removes nagios sudo privilege definition from evolix-users
The nagios-nrpe role will define those privileges instead.
This commit is contained in:
parent
c28e15231f
commit
965bde878f
|
@ -3,11 +3,5 @@ Defaults umask=0077
|
||||||
Cmnd_Alias MAINT = /usr/share/scripts/evomaintenance.sh, /usr/share/scripts/listupgrade.sh, /usr/bin/apt, /bin/mount
|
Cmnd_Alias MAINT = /usr/share/scripts/evomaintenance.sh, /usr/share/scripts/listupgrade.sh, /usr/bin/apt, /bin/mount
|
||||||
User_Alias ADMINS = {{ user.name }}
|
User_Alias ADMINS = {{ user.name }}
|
||||||
|
|
||||||
nagios ALL = NOPASSWD: /usr/lib/nagios/plugins/check_procs
|
|
||||||
nagios ALL = NOPASSWD: /usr/local/lib/nagios/plugins/check_minifirewall
|
|
||||||
nagios ALL = NOPASSWD: /usr/local/lib/nagios/plugins/check_haproxy_stats
|
|
||||||
nagios ALL = NOPASSWD: /usr/sbin/bkctld check
|
|
||||||
nagios ALL = (clamav) NOPASSWD: /usr/bin/clamscan /tmp/safe.txt
|
|
||||||
|
|
||||||
ADMINS ALL = (ALL:ALL) ALL
|
ADMINS ALL = (ALL:ALL) ALL
|
||||||
ADMINS ALL = NOPASSWD: MAINT
|
ADMINS ALL = NOPASSWD: MAINT
|
||||||
|
|
|
@ -2,11 +2,5 @@ Defaults umask=0077
|
||||||
|
|
||||||
Cmnd_Alias MAINT = /usr/share/scripts/evomaintenance.sh, /usr/share/scripts/listupgrade.sh, /usr/bin/apt, /bin/mount
|
Cmnd_Alias MAINT = /usr/share/scripts/evomaintenance.sh, /usr/share/scripts/listupgrade.sh, /usr/bin/apt, /bin/mount
|
||||||
|
|
||||||
nagios ALL = NOPASSWD: /usr/lib/nagios/plugins/check_procs
|
|
||||||
nagios ALL = NOPASSWD: /usr/local/lib/nagios/plugins/check_minifirewall
|
|
||||||
nagios ALL = NOPASSWD: /usr/local/lib/nagios/plugins/check_haproxy_stats
|
|
||||||
nagios ALL = NOPASSWD: /usr/sbin/bkctld check
|
|
||||||
nagios ALL = (clamav) NOPASSWD: /usr/bin/clamscan /tmp/safe.txt
|
|
||||||
|
|
||||||
%{{ evolinux_sudo_group }} ALL=(ALL:ALL) ALL
|
%{{ evolinux_sudo_group }} ALL=(ALL:ALL) ALL
|
||||||
%{{ evolinux_sudo_group }} ALL = NOPASSWD: MAINT
|
%{{ evolinux_sudo_group }} ALL = NOPASSWD: MAINT
|
||||||
|
|
|
@ -72,3 +72,13 @@
|
||||||
notify: restart nagios-nrpe-server
|
notify: restart nagios-nrpe-server
|
||||||
tags:
|
tags:
|
||||||
- nagios-nrpe
|
- nagios-nrpe
|
||||||
|
|
||||||
|
- name: Nagios user has proper sudo privileges
|
||||||
|
copy:
|
||||||
|
src: nagios_sudoers
|
||||||
|
dest: /etc/sudoers.d/nagios
|
||||||
|
mode: "0440"
|
||||||
|
validate: '/usr/sbin/visudo -cf %s'
|
||||||
|
tags:
|
||||||
|
- nagios-nrpe
|
||||||
|
- nagios-plugins
|
Loading…
Reference in a new issue