Linux-Help/formula-sudoers
1
0
Fork 0
mirror of synced 2024-11-05 17:08:56 -05:00
Code Issues Releases Wiki Activity
formula-sudoers/sudoers/map.jinja
Chris Haumesser e8677905dd SRE-650 allow devs root access in qa
2019-02-15 11:44:08 -08:00

35 lines
1.4 KiB
Django/Jinja
Raw Blame History

{% set sudoers = salt['grains.filter_by']({
'Debian': {'pkg': 'sudo'},
'Ubuntu': {'pkg': 'sudo'},
'CentOS': {'pkg': 'sudo'},
'Fedora': {'pkg': 'sudo'},
'RedHat': {'pkg': 'sudo'},
'Amazon': {'pkg': 'sudo'},
'Gentoo': {'pkg': 'app-admin/sudo'},
'Mint': {'pkg': 'sudo'},
'Arch': {'pkg': 'sudo'},
'Suse': {'pkg': 'sudo'},
'FreeBSD': {'pkg': 'sudo',
'config-path': '/usr/local/etc',
'group': 'wheel'},
}, merge=salt['pillar.get']('sudoers:lookup', None)) %}
# our plos active directory core groups sudoers permissions, filtered by environment
{% set ad_group_maps = salt['grains.filter_by']({
'default': { 'default': 'ALL = (root) NOEXEC:NOPASSWD: SUPPORT' },
'vagrant': { 'default': 'ALL = (ALL:ALL) NOPASSWD: ALL' },
'dev': { 'default': 'ALL = (ALL:ALL) NOPASSWD: ALL' },
'qa': {
'default': 'ALL = (root) NOEXEC:NOPASSWD: SUPPORT',
'plosdev': 'ALL = (ALL:ALL) NOPASSWD: ALL',
'plosqa': 'ALL = (ALL:ALL) NOPASSWD: ALL',
},
'stage': {
'default': 'ALL = (root) NOEXEC:NOPASSWD: SUPPORT',
'plosdev': 'ALL = (ALL:ALL) NOPASSWD: ALL',
'plosqa': 'ALL = (ALL:ALL) NOPASSWD: ALL'
}
},
grain='environment',
merge=salt['pillar.get']('group_maps:lookup', None))
%}
Reference in a new issue View git blame Copy permalink