Merge lp:~allenap/maas/packaging.restrict-maas-rack-sudo-rule into lp:~maas-maintainers/maas/packaging

Proposed by Gavin Panella
Status: Merged
Approved by: Gavin Panella
Approved revision: 547
Merged at revision: 547
Proposed branch: lp:~allenap/maas/packaging.restrict-maas-rack-sudo-rule
Merge into: lp:~maas-maintainers/maas/packaging
Prerequisite: lp:~allenap/maas/packaging.atomic-delete-and-write-scripts
Diff against target: 12 lines (+1/-1)
1 file modified
debian/extras/99-maas-sudoers (+1/-1)
To merge this branch: bzr merge lp:~allenap/maas/packaging.restrict-maas-rack-sudo-rule
Reviewer Review Type Date Requested Status
Blake Rouse (community) Approve
Review via email:

Commit message

Restrict sudo rules for maas-rack to only the scan-network command, with any arguments.

To post a comment you must log in.
Revision history for this message
Blake Rouse (blake-rouse) wrote :

Be sure to have ran this installed to make sure this doesn't break anything before landing.

review: Approve
Revision history for this message
Gavin Panella (allenap) wrote :

Thanks for all the reviews. I ran this through CI with lp:~allenap/maas/remove-old-atomic-delete-and-write and the result was green:

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'debian/extras/99-maas-sudoers'
--- debian/extras/99-maas-sudoers 2017-03-23 09:12:32 +0000
+++ debian/extras/99-maas-sudoers 2017-03-23 09:12:32 +0000
@@ -10,7 +10,7 @@
10maas ALL= NOPASSWD: /bin/systemctl start tgt10maas ALL= NOPASSWD: /bin/systemctl start tgt
11maas ALL= NOPASSWD: /bin/systemctl disable maas-rackd11maas ALL= NOPASSWD: /bin/systemctl disable maas-rackd
12maas ALL= NOPASSWD: /bin/systemctl stop maas-rackd12maas ALL= NOPASSWD: /bin/systemctl stop maas-rackd
13maas ALL= NOPASSWD: /usr/sbin/maas-rack13maas ALL= NOPASSWD: /usr/sbin/maas-rack scan-network *
14maas ALL= NOPASSWD: /usr/lib/maas/maas-network-monitor14maas ALL= NOPASSWD: /usr/lib/maas/maas-network-monitor
15maas ALL= NOPASSWD: /usr/lib/maas/maas-delete-file15maas ALL= NOPASSWD: /usr/lib/maas/maas-delete-file
16maas ALL= NOPASSWD: /usr/lib/maas/maas-write-file16maas ALL= NOPASSWD: /usr/lib/maas/maas-write-file


People subscribed via source and target branches