Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-models / reclass-system / 8b89df7a0935a1d5e65a28fdda1e16638e5db442 / . / openssh / server / team / support.yml
blob: f78ceac5a5a449b5def140b12c2e12110b504a9c [file] [log] [blame]
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]1classes:
2- system.linux.system.sudo
3# L1
4- system.openssh.server.team.members.aleksandrdobdin
5- system.openssh.server.team.members.aleksandrrubtsov
6- system.openssh.server.team.members.anatoliineliubin
7- system.openssh.server.team.members.antonrodionov
8- system.openssh.server.team.members.collinmay
9- system.openssh.server.team.members.danilakhmetov
10- system.openssh.server.team.members.deniskostriukov
11- system.openssh.server.team.members.dmitrygoloshubov
12- system.openssh.server.team.members.javierdiaz
Matthew Roark2e686bb2017-09-29 13:08:18 -0500[diff] [blame]13- system.openssh.server.team.members.jorgesorondo
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]14- system.openssh.server.team.members.josuepalmerin
15- system.openssh.server.team.members.krzysztoffranckowski
16- system.openssh.server.team.members.matthewroark
17- system.openssh.server.team.members.maximefimov
18- system.openssh.server.team.members.mikhailkraynov
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]19- system.openssh.server.team.members.renesoto
20- system.openssh.server.team.members.rsafonov
21- system.openssh.server.team.members.scottmachtmes
22- system.openssh.server.team.members.zahedkhurasani
23# L2OPS
24- system.openssh.server.team.members.aepifanov
25- system.openssh.server.team.members.apetrenko
26- system.openssh.server.team.members.atarasov
27- system.openssh.server.team.members.dklepikov
28- system.openssh.server.team.members.dsutyagin
29- system.openssh.server.team.members.ekozhemyakin
30- system.openssh.server.team.members.enikanorov
31- system.openssh.server.team.members.fsoppelsa
32- system.openssh.server.team.members.manashkin
33- system.openssh.server.team.members.nkondra
Andrii Petrenkoaefc0b62017-08-24 10:51:28 -0700[diff] [blame]34- system.openssh.server.team.members.nkabanova
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]35- system.openssh.server.team.members.obryndzii
36- system.openssh.server.team.members.oliemieshko
37- system.openssh.server.team.members.sovsianikov
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]38- system.openssh.server.team.members.cade
39- system.openssh.server.team.members.jmosher
40- system.openssh.server.team.members.ecantwell
41- system.openssh.server.team.members.lmercl
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]42- system.openssh.server.team.members.osmola
43- system.openssh.server.team.members.pcizinsky
44- system.openssh.server.team.members.pmathews
45- system.openssh.server.team.members.pmichalec
46parameters:
47 _param:
Ales Komarek57388972017-08-30 14:57:19 +0200[diff] [blame]48 linux_system_user_sudo: true
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]49 linux:
50 system:
51 group:
52 supportl1:
53 enabled: false
Petr Michalec009b54c2017-08-10 12:31:31 +0200[diff] [blame]54 name: supportl1
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]55 supportl2:
56 enabled: false
Petr Michalec009b54c2017-08-10 12:31:31 +0200[diff] [blame]57 name: supportl2
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]58 support0:
Dmitrii Sutiagin8dc2ffb2017-08-18 12:43:38 -0700[diff] [blame]59 enabled: false
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]60 name: support0
61 support1:
Dmitrii Sutiagin8dc2ffb2017-08-18 12:43:38 -0700[diff] [blame]62 enabled: false
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]63 name: support1
Dmitrii Sutiagin8dc2ffb2017-08-18 12:43:38 -0700[diff] [blame]64 support2:
65 enabled: false
66 name: support2
67 support3:
68 enabled: true
69 name: support3
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]70 addusers:
71 # L1
Petr Michalec11eb1b02017-08-07 12:48:35 +0200[diff] [blame]72 - ${linux:system:user:adobdin:name}
Petr Michaleceea16bd2017-08-07 11:53:07 +0200[diff] [blame]73 - ${linux:system:user:arubtsov:name}
74 - ${linux:system:user:aneliubin:name}
75 - ${linux:system:user:arodionov:name}
76 - ${linux:system:user:cmay:name}
77 - ${linux:system:user:dakhmetov:name}
78 - ${linux:system:user:dkostriukov:name}
79 - ${linux:system:user:dgoloshubov:name}
80 - ${linux:system:user:jdiaz:name}
81 - ${linux:system:user:jpalmerin:name}
82 - ${linux:system:user:kfranckowski:name}
83 - ${linux:system:user:mroark:name}
84 - ${linux:system:user:mefimov:name}
85 - ${linux:system:user:mkraynov:name}
86 - ${linux:system:user:nkabanova:name}
87 - ${linux:system:user:rsoto:name}
88 - ${linux:system:user:rsafonov:name}
89 - ${linux:system:user:smachtmes:name}
90 - ${linux:system:user:zkhurasani:name}
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]91 # L2OPS
Petr Michaleceea16bd2017-08-07 11:53:07 +0200[diff] [blame]92 - ${linux:system:user:aepifanov:name}
93 - ${linux:system:user:apetrenko:name}
94 - ${linux:system:user:atarasov:name}
95 - ${linux:system:user:dklepikov:name}
96 - ${linux:system:user:dsutyagin:name}
Petr Michalec4ebbc4b2017-08-07 12:18:22 +0200[diff] [blame]97 - ${linux:system:user:ekozhemyakin:name}
Petr Michaleceea16bd2017-08-07 11:53:07 +0200[diff] [blame]98 - ${linux:system:user:enikanorov:name}
99 - ${linux:system:user:fsoppelsa:name}
100 - ${linux:system:user:manashkin:name}
101 - ${linux:system:user:nkondra:name}
Andrii Petrenkoaefc0b62017-08-24 10:51:28 -0700[diff] [blame]102 - ${linux:system:user:nkabanova:name}
Petr Michaleceea16bd2017-08-07 11:53:07 +0200[diff] [blame]103 - ${linux:system:user:obryndzii:name}
104 - ${linux:system:user:oliemieshko:name}
105 - ${linux:system:user:sovsianikov:name}
Petr Michaleceea16bd2017-08-07 11:53:07 +0200[diff] [blame]106 - ${linux:system:user:pmichalec:name}
107 - ${linux:system:user:pmathews:name}
108 - ${linux:system:user:pcizinsky:name}
109 - ${linux:system:user:osmola:name}
110 - ${linux:system:user:cade:name}
111 - ${linux:system:user:jmosher:name}
112 - ${linux:system:user:ecantwell:name}
113 - ${linux:system:user:lmercl:name}
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]114 sudo:
115 enabled: true
116 aliases:
117 command:
118 SUPPORT_SALT: ${_param:sudo_salt_safe}
119 SUPPORT_SALT_TRUSTED: ${_param:sudo_salt_trusted}
120 SUPPORT_RESTRICTED_SHELLS: ${_param:sudo_shells}
121 SUPPORT_RESTRICTED_SU: ${_param:sudo_restricted_su}
122 SUPPORT_COREUTILS: ${_param:sudo_coreutils_safe}
123 SUPPORT_RABBITMQ: ${_param:sudo_rabbitmq_safe}
124 SUPPORT_SALT_TRUSTED: ${_param:sudo_salt_trusted}
125 SUPPORT_NETWORKING: ${_param:sudo_networking}
126 SUPPORT_CONTRAIL: ${_param:sudo_contrail_utilities}
127 SUPPORT_STORAGE: ${_param:sudo_storage_utilities}
128 SUPPORT_OPENSTACK_CLIENTS: ${_param:sudo_openstack_clients}
129 groups:
130 support0:
131 # This group should have only RO access to non-sensitive data and commands
132 # assumed usage: common operations, non experienced, non technical users.
133 commands:
134 - SUPPORT_SALT
135 - '!SUPPORT_RESTRICTED_SHELLS'
136 - '!SUPPORT_RESTRICTED_SU'
137 support1:
138 # This group should have access to safe, trusted, commands
139 commands:
140 - SUPPORT_SALT
141 - SUPPORT_COREUTILS
142 - SUPPORT_RABBITMQ
143 - SUPPORT_NETWORKING
144 - SUPPORT_CONTRAIL
145 - SUPPORT_STORAGE
146 - SUPPORT_OPENSTACK_CLIENTS
147 - '!SUPPORT_RESTRICTED_SHELLS'
148 - '!SUPPORT_RESTRICTED_SU'
149 support2:
150 # This group should have access to any command using sudo
151 commands:
152 - SUPPORT_SALT
153 - SUPPORT_SALT_TRUSTED
154 - SUPPORT_COREUTILS
155 - SUPPORT_RABBITMQ
156 - SUPPORT_NETWORKING
157 - SUPPORT_CONTRAIL
158 - SUPPORT_STORAGE
159 - SUPPORT_OPENSTACK_CLIENTS
160 - '!SUPPORT_RESTRICTED_SHELLS'
161 - '!SUPPORT_RESTRICTED_SU'
162 support3:
163 # It's never safe to run unlimited number of commands with sudo.
164 # Use with caution.
Dmitrii Sutiagin0c7348d2017-08-24 16:24:32 -0700[diff] [blame]165 setenv: true
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]166 commands:
167 - ALL