Log file access to users of sys_* group

Provide log access to users of the groups sys_admin,
sys_configurator, sys_operator, and sys_reader.
This change adds read permission so that the users
of sys_* groups can access logs at /var/log

Test Plan:
PASS: Build iso and deploy.
PASS: AIO-SX: create a user and add to sys_operator
      group. Verify if the user have access to log files.
      Ensure the user can view the log files using cat
      and edit them using vim.
PASS: AIO-SX: create a user and add to sys_reader
      group. Verify if the user have access to log files.
      Ensure the user can view the log files using cat
       and edit them using vim.
PASS: AIO-SX: create a user and add to sys_configurator
      group. Verify if the user have access to log files.
      Ensure the user can view the log files using cat
      and edit them using vim.
PASS: AIO-SX: create a user and add to sys_admin
      group. Verify if the user have access to log files.
      Ensure the user can view the log files using cat
      and edit them using vim.

Story: 2011241
Task: 51208

Depends-On: https://review.opendev.org/c/starlingx/stx-puppet/+/932168

Change-Id: Icaeca4559cd84d3843fe2024430ff5726640cae6
Signed-off-by: Jagatguru Prasad Mishra <jagatguruprasad.mishra@windriver.com>

sudo-config/debian/deb_folder/control

@@ -10,4 +10,5 @@ Package: sudo-config
 Architecture: all
 Depends: ${misc:Depends}, sudo
 Description: StarlingX sudo configuration file
+ Installs sysadmin and logs file on sudoers.d directory.
  Installs sysadmin and sys_admin file on sudoers.d directory.

sudo-config/debian/deb_folder/postinst

@@ -3,9 +3,11 @@
 set -e
 
 cp /usr/share/starlingx/sysadmin.sudo /etc/sudoers.d/sysadmin
+cp /usr/share/starlingx/logs.sudo /etc/sudoers.d/logs
 cp /usr/share/starlingx/sys_admin.sudo /etc/sudoers.d/sys_admin
 
 chmod 440 /etc/sudoers.d/sysadmin
+chmod 440 /etc/sudoers.d/logs
 chmod 440 /etc/sudoers.d/sys_admin
 
 #DEBHELPER#

sudo-config/debian/deb_folder/sudo-config.install

@@ -1,2 +1,3 @@
 sysadmin.sudo usr/share/starlingx
+logs.sudo     usr/share/starlingx
 sys_admin.sudo usr/share/starlingx

sudo-config/source-debian/logs.sudo

@@ -0,0 +1,16 @@
+# User alias specification
+User_Alias      ALL_SYS_GROUPS = %sys_admin, %sys_configurator, %sys_operator, %sys_reader
+
+# Cmnd alias specification
+Cmnd_Alias      CAT_LOGS = /usr/bin/ls /var/log/*, /usr/bin/cat /var/log/*.log
+Cmnd_Alias      GUNZIP_LOGS = /usr/bin/gunzip /var/log/*.gz, /usr/bin/cat /var/log/*.log.[0-9]*
+Cmnd_Alias      VIM_LOGS = /usr/bin/vim /var/log/*.log, /usr/bin/vim /var/log/*.log.[0-9]*
+
+# Allow members of all sys_* groups to execute selected commands
+ALL_SYS_GROUPS          ALL=(root:root) NOPASSWD: CAT_LOGS, VIM_LOGS
+# Allow members of all sys_admin groups to execute selected commands
+%sys_admin              ALL=(root:root) NOPASSWD: GUNZIP_LOGS
+# Allow members of all sys_configurator groups to execute selected commands
+%sys_configurator       ALL=(root:root) NOPASSWD: GUNZIP_LOGS
+# Allow members of all sys_operator groups to execute selected commands
+%sys_operator           ALL=(root:root) NOPASSWD: GUNZIP_LOGS