From d880b5b4254ed3d89303227d7de4a79e8e0579a7 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Wed, 17 Oct 2018 23:58:27 +0300 Subject: [PATCH] limit sudo for admin to vesta scripts only --- install/debian/7/sudo/admin | 2 +- install/debian/8/sudo/admin | 2 +- install/debian/9/sudo/admin | 2 +- install/rhel/5/sudo/admin | 2 +- install/rhel/6/sudo/admin | 2 +- install/rhel/7/sudo/admin | 2 +- install/ubuntu/12.04/sudo/admin | 2 +- install/ubuntu/12.10/sudo/admin | 2 +- install/ubuntu/13.04/sudo/admin | 2 +- install/ubuntu/13.10/sudo/admin | 2 +- install/ubuntu/14.04/sudo/admin | 2 +- install/ubuntu/14.10/sudo/admin | 2 +- install/ubuntu/15.04/sudo/admin | 2 +- install/ubuntu/15.10/sudo/admin | 2 +- install/ubuntu/16.04/sudo/admin | 2 +- install/ubuntu/16.10/sudo/admin | 2 +- install/ubuntu/17.04/sudo/admin | 2 +- install/ubuntu/17.10/sudo/admin | 2 +- install/ubuntu/18.04/sudo/admin | 2 +- 19 files changed, 19 insertions(+), 19 deletions(-) diff --git a/install/debian/7/sudo/admin b/install/debian/7/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/debian/7/sudo/admin +++ b/install/debian/7/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/debian/8/sudo/admin b/install/debian/8/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/debian/8/sudo/admin +++ b/install/debian/8/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/debian/9/sudo/admin b/install/debian/9/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/debian/9/sudo/admin +++ b/install/debian/9/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/rhel/5/sudo/admin b/install/rhel/5/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/rhel/5/sudo/admin +++ b/install/rhel/5/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/rhel/6/sudo/admin b/install/rhel/6/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/rhel/6/sudo/admin +++ b/install/rhel/6/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/rhel/7/sudo/admin b/install/rhel/7/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/rhel/7/sudo/admin +++ b/install/rhel/7/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/12.04/sudo/admin b/install/ubuntu/12.04/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/ubuntu/12.04/sudo/admin +++ b/install/ubuntu/12.04/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/12.10/sudo/admin b/install/ubuntu/12.10/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/ubuntu/12.10/sudo/admin +++ b/install/ubuntu/12.10/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/13.04/sudo/admin b/install/ubuntu/13.04/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/ubuntu/13.04/sudo/admin +++ b/install/ubuntu/13.04/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/13.10/sudo/admin b/install/ubuntu/13.10/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/ubuntu/13.10/sudo/admin +++ b/install/ubuntu/13.10/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/14.04/sudo/admin b/install/ubuntu/14.04/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/ubuntu/14.04/sudo/admin +++ b/install/ubuntu/14.04/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/14.10/sudo/admin b/install/ubuntu/14.10/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/ubuntu/14.10/sudo/admin +++ b/install/ubuntu/14.10/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/15.04/sudo/admin b/install/ubuntu/15.04/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/ubuntu/15.04/sudo/admin +++ b/install/ubuntu/15.04/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/15.10/sudo/admin b/install/ubuntu/15.10/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/ubuntu/15.10/sudo/admin +++ b/install/ubuntu/15.10/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/16.04/sudo/admin b/install/ubuntu/16.04/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/ubuntu/16.04/sudo/admin +++ b/install/ubuntu/16.04/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/16.10/sudo/admin b/install/ubuntu/16.10/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/ubuntu/16.10/sudo/admin +++ b/install/ubuntu/16.10/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/17.04/sudo/admin b/install/ubuntu/17.04/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/ubuntu/17.04/sudo/admin +++ b/install/ubuntu/17.04/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/17.10/sudo/admin b/install/ubuntu/17.10/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/ubuntu/17.10/sudo/admin +++ b/install/ubuntu/17.10/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/18.04/sudo/admin b/install/ubuntu/18.04/sudo/admin index 4226bdd49..331fa1f2d 100644 --- a/install/ubuntu/18.04/sudo/admin +++ b/install/ubuntu/18.04/sudo/admin @@ -4,5 +4,5 @@ Defaults:admin !syslog Defaults:admin !requiretty Defaults:root !requiretty -admin ALL=(ALL) ALL +# sudo is limited to vesta scripts admin ALL=NOPASSWD:/usr/local/vesta/bin/*