Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-models / reclass-system / 07a1939c01cb32ee55f12e11a9004b03c517f856 / . / openssh / server / team / support.yml
blob: bb8382bb642bcb3fc18da00c483cab303060f5c7 [file] [log] [blame]
Dmitrii Sutiagin5c8d8d82017-11-02 17:43:08 -0700[diff] [blame]1## DEPRECATED, this class will be removed 01/2018
2## please integrate submodule opscare instead
3## https://gerrit.mirantis.com/#/admin/projects/mmo-support/reclass-opscare
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]4classes:
5- system.linux.system.sudo
6# L1
7- system.openssh.server.team.members.aleksandrdobdin
8- system.openssh.server.team.members.aleksandrrubtsov
9- system.openssh.server.team.members.anatoliineliubin
10- system.openssh.server.team.members.antonrodionov
azvyagintsevb77a9b12018-09-27 11:01:44 +0300[diff] [blame]11- system.openssh.server.team.members.deprecated.collinmay
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]12- system.openssh.server.team.members.danilakhmetov
13- system.openssh.server.team.members.deniskostriukov
azvyagintsevb77a9b12018-09-27 11:01:44 +0300[diff] [blame]14- system.openssh.server.team.members.deprecated.dmitrygoloshubov
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]15- system.openssh.server.team.members.javierdiaz
Matthew Roark2e686bb2017-09-29 13:08:18 -0500[diff] [blame]16- system.openssh.server.team.members.jorgesorondo
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]17- system.openssh.server.team.members.josuepalmerin
azvyagintsevb77a9b12018-09-27 11:01:44 +0300[diff] [blame]18- system.openssh.server.team.members.deprecated.krzysztoffranckowski
19- system.openssh.server.team.members.deprecated.matthewroark
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]20- system.openssh.server.team.members.maximefimov
21- system.openssh.server.team.members.mikhailkraynov
azvyagintsevb77a9b12018-09-27 11:01:44 +0300[diff] [blame]22- system.openssh.server.team.members.deprecated.renesoto
23- system.openssh.server.team.members.deprecated.rsafonov
Margarita Mazepab16cbe02018-03-21 16:28:40 +0400[diff] [blame]24- system.openssh.server.team.members.mmazepa
azvyagintsevb77a9b12018-09-27 11:01:44 +0300[diff] [blame]25- system.openssh.server.team.members.deprecated.scottmachtmes
26- system.openssh.server.team.members.deprecated.zahedkhurasani
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]27# L2OPS
28- system.openssh.server.team.members.aepifanov
azvyagintsevb77a9b12018-09-27 11:01:44 +0300[diff] [blame]29- system.openssh.server.team.members.deprecated.apetrenko
30- system.openssh.server.team.members.deprecated.atarasov
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]31- system.openssh.server.team.members.dklepikov
32- system.openssh.server.team.members.dsutyagin
azvyagintsevb77a9b12018-09-27 11:01:44 +0300[diff] [blame]33- system.openssh.server.team.members.deprecated.ekozhemyakin
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]34- system.openssh.server.team.members.enikanorov
azvyagintsevb77a9b12018-09-27 11:01:44 +0300[diff] [blame]35- system.openssh.server.team.members.deprecated.fsoppelsa
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]36- system.openssh.server.team.members.manashkin
azvyagintsevb77a9b12018-09-27 11:01:44 +0300[diff] [blame]37- system.openssh.server.team.members.deprecated.nkondra
38- system.openssh.server.team.members.deprecated.nkabanova
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]39- system.openssh.server.team.members.obryndzii
40- system.openssh.server.team.members.oliemieshko
azvyagintsevb77a9b12018-09-27 11:01:44 +0300[diff] [blame]41- system.openssh.server.team.members.deprecated.sovsianikov
42- system.openssh.server.team.members.deprecated.cade
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]43- system.openssh.server.team.members.jmosher
azvyagintsevb77a9b12018-09-27 11:01:44 +0300[diff] [blame]44- system.openssh.server.team.members.deprecated.ecantwell
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]45- system.openssh.server.team.members.lmercl
azvyagintsevb77a9b12018-09-27 11:01:44 +0300[diff] [blame]46- system.openssh.server.team.members.deprecated.osmola
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]47- system.openssh.server.team.members.pcizinsky
azvyagintsevb77a9b12018-09-27 11:01:44 +0300[diff] [blame]48- system.openssh.server.team.members.deprecated.pmathews
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]49- system.openssh.server.team.members.pmichalec
50parameters:
51 _param:
Ales Komarek57388972017-08-30 14:57:19 +0200[diff] [blame]52 linux_system_user_sudo: true
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]53 linux:
54 system:
55 group:
56 supportl1:
57 enabled: false
Petr Michalec009b54c2017-08-10 12:31:31 +0200[diff] [blame]58 name: supportl1
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]59 supportl2:
60 enabled: false
Petr Michalec009b54c2017-08-10 12:31:31 +0200[diff] [blame]61 name: supportl2
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]62 support0:
Dmitrii Sutiagin8dc2ffb2017-08-18 12:43:38 -0700[diff] [blame]63 enabled: false
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]64 name: support0
65 support1:
Dmitrii Sutiagin8dc2ffb2017-08-18 12:43:38 -0700[diff] [blame]66 enabled: false
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]67 name: support1
Dmitrii Sutiagin8dc2ffb2017-08-18 12:43:38 -0700[diff] [blame]68 support2:
69 enabled: false
70 name: support2
71 support3:
72 enabled: true
73 name: support3
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]74 addusers:
75 # L1
Petr Michalec11eb1b02017-08-07 12:48:35 +0200[diff] [blame]76 - ${linux:system:user:adobdin:name}
Petr Michaleceea16bd2017-08-07 11:53:07 +0200[diff] [blame]77 - ${linux:system:user:arubtsov:name}
78 - ${linux:system:user:aneliubin:name}
79 - ${linux:system:user:arodionov:name}
80 - ${linux:system:user:cmay:name}
81 - ${linux:system:user:dakhmetov:name}
82 - ${linux:system:user:dkostriukov:name}
83 - ${linux:system:user:dgoloshubov:name}
84 - ${linux:system:user:jdiaz:name}
85 - ${linux:system:user:jpalmerin:name}
86 - ${linux:system:user:kfranckowski:name}
87 - ${linux:system:user:mroark:name}
88 - ${linux:system:user:mefimov:name}
89 - ${linux:system:user:mkraynov:name}
90 - ${linux:system:user:nkabanova:name}
91 - ${linux:system:user:rsoto:name}
92 - ${linux:system:user:rsafonov:name}
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]93 # L2OPS
Petr Michaleceea16bd2017-08-07 11:53:07 +0200[diff] [blame]94 - ${linux:system:user:aepifanov:name}
95 - ${linux:system:user:apetrenko:name}
96 - ${linux:system:user:atarasov:name}
97 - ${linux:system:user:dklepikov:name}
98 - ${linux:system:user:dsutyagin:name}
Petr Michalec4ebbc4b2017-08-07 12:18:22 +0200[diff] [blame]99 - ${linux:system:user:ekozhemyakin:name}
Petr Michaleceea16bd2017-08-07 11:53:07 +0200[diff] [blame]100 - ${linux:system:user:enikanorov:name}
101 - ${linux:system:user:fsoppelsa:name}
102 - ${linux:system:user:manashkin:name}
103 - ${linux:system:user:nkondra:name}
Andrii Petrenkoaefc0b62017-08-24 10:51:28 -0700[diff] [blame]104 - ${linux:system:user:nkabanova:name}
Petr Michaleceea16bd2017-08-07 11:53:07 +0200[diff] [blame]105 - ${linux:system:user:obryndzii:name}
106 - ${linux:system:user:oliemieshko:name}
107 - ${linux:system:user:sovsianikov:name}
Petr Michaleceea16bd2017-08-07 11:53:07 +0200[diff] [blame]108 - ${linux:system:user:pmichalec:name}
Petr Michaleceea16bd2017-08-07 11:53:07 +0200[diff] [blame]109 - ${linux:system:user:pcizinsky:name}
110 - ${linux:system:user:osmola:name}
Petr Michaleceea16bd2017-08-07 11:53:07 +0200[diff] [blame]111 - ${linux:system:user:jmosher:name}
Petr Michaleceea16bd2017-08-07 11:53:07 +0200[diff] [blame]112 - ${linux:system:user:lmercl:name}
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]113 sudo:
114 enabled: true
115 aliases:
116 command:
117 SUPPORT_SALT: ${_param:sudo_salt_safe}
118 SUPPORT_SALT_TRUSTED: ${_param:sudo_salt_trusted}
119 SUPPORT_RESTRICTED_SHELLS: ${_param:sudo_shells}
120 SUPPORT_RESTRICTED_SU: ${_param:sudo_restricted_su}
121 SUPPORT_COREUTILS: ${_param:sudo_coreutils_safe}
122 SUPPORT_RABBITMQ: ${_param:sudo_rabbitmq_safe}
123 SUPPORT_SALT_TRUSTED: ${_param:sudo_salt_trusted}
124 SUPPORT_NETWORKING: ${_param:sudo_networking}
125 SUPPORT_CONTRAIL: ${_param:sudo_contrail_utilities}
126 SUPPORT_STORAGE: ${_param:sudo_storage_utilities}
127 SUPPORT_OPENSTACK_CLIENTS: ${_param:sudo_openstack_clients}
128 groups:
129 support0:
130 # This group should have only RO access to non-sensitive data and commands
131 # assumed usage: common operations, non experienced, non technical users.
132 commands:
133 - SUPPORT_SALT
134 - '!SUPPORT_RESTRICTED_SHELLS'
135 - '!SUPPORT_RESTRICTED_SU'
136 support1:
137 # This group should have access to safe, trusted, commands
138 commands:
139 - SUPPORT_SALT
140 - SUPPORT_COREUTILS
141 - SUPPORT_RABBITMQ
142 - SUPPORT_NETWORKING
143 - SUPPORT_CONTRAIL
144 - SUPPORT_STORAGE
145 - SUPPORT_OPENSTACK_CLIENTS
146 - '!SUPPORT_RESTRICTED_SHELLS'
147 - '!SUPPORT_RESTRICTED_SU'
148 support2:
149 # This group should have access to any command using sudo
150 commands:
151 - SUPPORT_SALT
152 - SUPPORT_SALT_TRUSTED
153 - SUPPORT_COREUTILS
154 - SUPPORT_RABBITMQ
155 - SUPPORT_NETWORKING
156 - SUPPORT_CONTRAIL
157 - SUPPORT_STORAGE
158 - SUPPORT_OPENSTACK_CLIENTS
159 - '!SUPPORT_RESTRICTED_SHELLS'
160 - '!SUPPORT_RESTRICTED_SU'
161 support3:
162 # It's never safe to run unlimited number of commands with sudo.
163 # Use with caution.
Dmitrii Sutiagin0c7348d2017-08-24 16:24:32 -0700[diff] [blame]164 setenv: true
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]165 commands:
166 - ALL