fix: Use absolute paths and update sudoers for systemctl/lsscsi
This commit is contained in:
@@ -1,37 +1,41 @@
|
||||
# Allow www-data to restart mhvtl service without password
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl restart mhvtl
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl start mhvtl
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl stop mhvtl
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl status mhvtl
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl is-active mhvtl
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl is-enabled mhvtl
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl status apache2
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl is-active apache2
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl is-enabled apache2
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl status tgt
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl is-active tgt
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl is-enabled tgt
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/rm -rf /opt/mhvtl/*
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl restart mhvtl, /usr/bin/systemctl restart mhvtl
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl start mhvtl, /usr/bin/systemctl start mhvtl
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl stop mhvtl, /usr/bin/systemctl stop mhvtl
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl status mhvtl, /usr/bin/systemctl status mhvtl
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl is-active mhvtl, /usr/bin/systemctl is-active mhvtl
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl is-enabled mhvtl, /usr/bin/systemctl is-enabled mhvtl
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl status apache2, /usr/bin/systemctl status apache2
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl is-active apache2, /usr/bin/systemctl is-active apache2
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl is-enabled apache2, /usr/bin/systemctl is-enabled apache2
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl status tgt, /usr/bin/systemctl status tgt
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl is-active tgt, /usr/bin/systemctl is-active tgt
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/systemctl is-enabled tgt, /usr/bin/systemctl is-enabled tgt
|
||||
www-data ALL=(ALL) NOPASSWD: /bin/rm -rf /opt/mhvtl/*, /usr/bin/rm -rf /opt/mhvtl/*
|
||||
www-data ALL=(ALL) NOPASSWD: /usr/sbin/tgtadm
|
||||
www-data ALL=(ALL) NOPASSWD: /usr/bin/lsscsi
|
||||
www-data ALL=(ALL) NOPASSWD: /tmp/restart-appliance.sh
|
||||
www-data ALL=(ALL) NOPASSWD: /tmp/shutdown-appliance.sh
|
||||
www-data ALL=(ALL) NOPASSWD: /usr/bin/systemctl reboot
|
||||
www-data ALL=(ALL) NOPASSWD: /usr/bin/systemctl poweroff
|
||||
|
||||
# Allow apache to restart mhvtl service without password (for RPM-based systems)
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl restart mhvtl
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl start mhvtl
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl stop mhvtl
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl status mhvtl
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl is-active mhvtl
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl is-enabled mhvtl
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl status httpd
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl is-active httpd
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl is-enabled httpd
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl status scsi-target-utils
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl is-active scsi-target-utils
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl is-enabled scsi-target-utils
|
||||
apache ALL=(ALL) NOPASSWD: /bin/rm -rf /opt/mhvtl/*
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl restart mhvtl, /usr/bin/systemctl restart mhvtl
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl start mhvtl, /usr/bin/systemctl start mhvtl
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl stop mhvtl, /usr/bin/systemctl stop mhvtl
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl status mhvtl, /usr/bin/systemctl status mhvtl
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl is-active mhvtl, /usr/bin/systemctl is-active mhvtl
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl is-enabled mhvtl, /usr/bin/systemctl is-enabled mhvtl
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl status httpd, /usr/bin/systemctl status httpd
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl is-active httpd, /usr/bin/systemctl is-active httpd
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl is-enabled httpd, /usr/bin/systemctl is-enabled httpd
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl status scsi-target-utils, /usr/bin/systemctl status scsi-target-utils
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl is-active scsi-target-utils, /usr/bin/systemctl is-active scsi-target-utils
|
||||
apache ALL=(ALL) NOPASSWD: /bin/systemctl is-enabled scsi-target-utils, /usr/bin/systemctl is-enabled scsi-target-utils
|
||||
apache ALL=(ALL) NOPASSWD: /bin/rm -rf /opt/mhvtl/*, /usr/bin/rm -rf /opt/mhvtl/*
|
||||
apache ALL=(ALL) NOPASSWD: /usr/sbin/tgtadm
|
||||
apache ALL=(ALL) NOPASSWD: /usr/bin/lsscsi
|
||||
apache ALL=(ALL) NOPASSWD: /tmp/restart-appliance.sh
|
||||
apache ALL=(ALL) NOPASSWD: /tmp/shutdown-appliance.sh
|
||||
apache ALL=(ALL) NOPASSWD: /usr/bin/systemctl reboot
|
||||
apache ALL=(ALL) NOPASSWD: /usr/bin/systemctl poweroff
|
||||
|
||||
Reference in New Issue
Block a user