Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-models / reclass-system / f3c7943ea7b25baccc529865e354d14c5e33ff80 / . / linux / system / sudo.yml
blob: 68f2b8497b5fb5ce6b79019151d6db2a95843e42 [file] [log] [blame]
Petr Michaleceb2e3d22017-02-22 10:32:02 +0100[diff] [blame]1parameters:
2 _param:
3 sudo_shells:
4 - /bin/sh
5 - /bin/ksh
6 - /bin/bash
7 - /bin/rbash
8 - /bin/dash
9 - /bin/zsh
10 - /bin/csh
11 - /bin/fish
12 - /bin/tcsh
13 - /usr/bin/login
14 - /usr/bin/su
15 - /usr/su
16 sudo_restricted_su:
17 - /bin/vi* /etc/sudoers*
18 - /bin/nano /etc/sudoers*
19 - /bin/emacs /etc/sudoers*
20 - /bin/su - root
21 - /bin/su -
22 - /bin/su
23 - /usr/sbin/visudo
Petr Michalec6e6ead42017-08-01 11:10:46 +0200[diff] [blame]24 - /usr/bin/sudo
Petr Michalece9f85442017-08-10 14:22:57 +0200[diff] [blame]25 - /bin/bash
Alexander Rubtsov846b2632017-03-16 15:26:33 +0400[diff] [blame]26 sudo_coreutils_safe:
Petr Michalecbcfa7cf2017-08-10 17:57:56 +0200[diff] [blame]27 - /usr/bin/cat
Alexander Rubtsov846b2632017-03-16 15:26:33 +0400[diff] [blame]28 - /usr/bin/less
Petr Michalecbcfa7cf2017-08-10 17:57:56 +0200[diff] [blame]29 - /usr/bin/view
30 - /usr/bin/more
Anatolii Neliubin4159b582017-05-11 09:24:58 +0500[diff] [blame]31 - /usr/bin/grep
32 - /usr/bin/fgrep
33 - /usr/bin/egrep
34 - /usr/bin/zgrep
Petr Michalecbcfa7cf2017-08-10 17:57:56 +0200[diff] [blame]35 - /usr/bin/ack
Anatolii Neliubin4159b582017-05-11 09:24:58 +0500[diff] [blame]36 - /usr/bin/tail
37 - /usr/bin/socat
38 - /usr/bin/top
Petr Michalecbcfa7cf2017-08-10 17:57:56 +0200[diff] [blame]39 - /usr/bin/atop
Anatolii Neliubin4159b582017-05-11 09:24:58 +0500[diff] [blame]40 - /usr/bin/tail
Anatolii Neliubin4159b582017-05-11 09:24:58 +0500[diff] [blame]41 - /usr/bin/lsof
42 - /usr/bin/virsh
43 - /bin/ls
44 - /bin/cp
45 - /bin/netstat
Petr Michalecbcfa7cf2017-08-10 17:57:56 +0200[diff] [blame]46 sudo_coreutils_trusted:
47 - /usr/bin/vi*
48 - /usr/bin/vim*
49 - /usr/bin/emacs*
50 - /usr/bin/nano*
Matthew Roarkf6840072017-05-07 20:19:32 -0500[diff] [blame]51 sudo_rabbitmq_safe:
Anatolii Neliubin4159b582017-05-11 09:24:58 +0500[diff] [blame]52 - /usr/sbin/rabbitmqctl
Matthew Roarkf6840072017-05-07 20:19:32 -0500[diff] [blame]53 - /usr/sbin/rabbitmqctl status
54 - /usr/sbin/rabbitmqctl cluster_status
55 - /usr/sbin/rabbitmqctl list_queues*
Petr Michaleceb2e3d22017-02-22 10:32:02 +0100[diff] [blame]56 sudo_salt_safe:
Alexander Dobdin60d726a2017-04-21 13:13:03 +0400[diff] [blame]57 - /usr/bin/salt * state*
58 - /usr/bin/salt * service*
59 - /usr/bin/salt * pillar*
60 - /usr/bin/salt * grains*
61 - /usr/bin/salt * saltutil*
Taylor Mayd42017c2017-05-06 15:39:53 -0500[diff] [blame]62 - /usr/bin/salt * test.ping
Petr Michaleceb2e3d22017-02-22 10:32:02 +0100[diff] [blame]63 - /usr/bin/salt-call state*
64 - /usr/bin/salt-call service*
65 - /usr/bin/salt-call pillar*
66 - /usr/bin/salt-call grains*
67 - /usr/bin/salt-call saltutil*
68 sudo_salt_trusted:
69 - /usr/bin/salt*
Anatolii Neliubin992df7c2017-05-17 10:57:34 +0500[diff] [blame]70 sudo_networking:
Anatolii Neliubin4159b582017-05-11 09:24:58 +0500[diff] [blame]71 - /sbin/ip
72 - /sbin/ss
73 - /sbin/ifconfig
74 - /sbin/route
75 - /sbin/ethtool
76 - /sbin/tcpdump
77 sudo_contrail_utilities:
78 - /usr/bin/contrail*
79 - /bin/contrail*
80 - /usr/bin/vif
81 - /usr/bin/flow
82 - /usr/bin/vrfstats
83 - /usr/bin/rt
84 - /usr/bin/dropstats
85 - /usr/bin/mpls
86 - /usr/bin/mirror
87 - /usr/bin/vxlan
88 - /usr/bin/nh
89 sudo_storage_utilities:
90 - /usr/bin/ceph*
91 - /usr/bin/rados*
92 - /usr/bin/rbd
93 - /usr/sbin/gluster
Petr Michalecbcfa7cf2017-08-10 17:57:56 +0200[diff] [blame]94 - /usr/fdisk -l *
95 - /usr/bin/du *
96 - /bin/df *
Anatolii Neliubin4159b582017-05-11 09:24:58 +0500[diff] [blame]97 sudo_openstack_clients:
98 - /usr/bin/openstack
99 - /usr/bin/heat*
100 - /usr/bin/nova*
101 - /usr/bin/neutron*
102 - /usr/bin/keystone*
103 - /usr/bin/glance*
104 - /usr/bin/cinder*
105 - /usr/bin/swift*
106 - /usr/bin/ironic*
107 - /usr/bin/manila*
108 - /usr/bin/barbican*
109 - /usr/bin/ceilometer*
110 - /usr/bin/trove*
111