sudoers

   1 # -----------------------------------------------------------------
   2 # We're assuming that ssh authentication has already been used, this
   3 # is more risky than I'm comfortable with, but it saves the problem
   4 # of managing a separate password file.
   5 # -----------------------------------------------------------------
   6 Defaults        !authenticate
   7
   8 # -----------------------------------------------------------------
   9 # No surpise... root has universal access
  10 # -----------------------------------------------------------------
  11 root            ALL = (ALL) ALL
  12
  13 # -----------------------------------------------------------------
  14 # SITE_CMDS are those available to local site administrators
  15 # -----------------------------------------------------------------
  16 Cmnd_Alias      SITE_CMDS =     /usr/sbin/vps, \
  17                                 /usr/sbin/vpstree, \
  18                                 /usr/sbin/vtop, \
  19                                 /bin/ps, \
  20                                 /usr/bin/pstree, \
  21                                 /usr/bin/top, \
  22                                 /usr/sbin/tcpdump, \
  23                                 /usr/bin/pfgrep, \
  24                                                                 /usr/local/planetlab/bin/pl-catlogs, \
  25                                 /sbin/halt, \
  26                                 /sbin/reboot, \
  27                                 /sbin/shutdown, \
  28                                 /usr/bin/passwd -d site_admin, \
  29                                 /usr/bin/passwd site_admin
  30
  31 # -----------------------------------------------------------------
  32 # Site Admins -- accounts with admin privileges on the local nodes
  33 # -----------------------------------------------------------------
  34 site_admin      ALL = SITE_CMDS