8669380c2b
Switch to how we setup sudoers files, like we did in the zuul-worker element. This stops us from possibility affecting the permissions on /etc/sudoers.d with the install-static element. Change-Id: Idaf2f4c582f333fd9acf4e4a08e5ade6fba61947 Signed-off-by: Paul Belanger <pabelanger@redhat.com>
35 lines
1007 B
Bash
Executable File
35 lines
1007 B
Bash
Executable File
#!/bin/bash
|
|
# Copyright 2017 Red Hat, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
# implied.
|
|
#
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then
|
|
set -x
|
|
fi
|
|
set -eu
|
|
set -o pipefail
|
|
|
|
cat > /etc/sudoers.d/jenkins-sudo << EOF
|
|
jenkins ALL=(ALL) NOPASSWD:ALL
|
|
EOF
|
|
chmod 0440 /etc/sudoers.d/jenkins-sudo
|
|
|
|
cat > /etc/sudoers.d/jenkins-sudo-grep <<EOF
|
|
jenkins ALL = NOPASSWD:/usr/local/jenkins/slave_scripts/jenkins-sudo-grep.sh
|
|
EOF
|
|
chmod 0440 /etc/sudoers.d/jenkins-sudo-grep
|
|
|
|
visudo -c || die "Error setting jenkins sudo!"
|