# vars file for sudoers --- # --- # /etc/sudoers # --- sudoers_defaults: - env_reset - mail_badpass - 'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"' sudoers_host_aliases: [] sudoers_user_aliases: [] sudoers_cmnd_aliases: [] sudoers_runas_aliases: [] sudoers_user_privileges: - name: root entry: 'ALL=(ALL:ALL) ALL' sudoers_group_privileges: [] sudoers_remove_user: - back - www-data # --- # /etc/sudoers.d/50-user # --- sudoers_file_defaults: [] sudoers_file_host_aliases: [] sudoers_file_user_aliases: [] sudoers_file_cmnd_aliases: [] sudoers_file_runas_aliases: [] sudoers_file_user_back_privileges: - 'ALL=(root) NOPASSWD: /usr/bin/rsync' - 'ALL=(root) NOPASSWD: /usr/bin/find' - 'ALL=(root) NOPASSWD: /usr/bin/realpath' sudoers_file_user_back_postgres_privileges: - 'ALL=(postgres) NOPASSWD: /usr/bin/psql' - 'ALL=(postgres) NOPASSWD: /usr/bin/pg_dump' - 'ALL=(postgres) NOPASSWD: /usr/bin/pg_dumpall' sudoers_file_user_back_disk_privileges: - 'ALL=(root) NOPASSWD: /usr/bin/which' - 'ALL=(root) NOPASSWD: /sbin/hdparm -I /dev/*' - 'ALL=(root) NOPASSWD: /sbin/fdisk' - 'ALL=(root) NOPASSWD: /sbin/sgdisk' - 'ALL=(root) NOPASSWD: /sbin/sfdisk -d /dev/*' - 'ALL=(root) NOPASSWD: /bin/dd if=/dev/*' - 'ALL=(root) NOPASSWD: /sbin/parted' - 'ALL=(root) NOPASSWD: /sbin/gdisk' sudoers_file_user_webadmin_disk_privileges: - 'ALL=(root) NOPASSWD: /usr/bin/mailq' - 'ALL=(root) NOPASSWD: /usr/bin/tail' - 'ALL=(root) NOPASSWD: /usr/bin/view' sudoers_file_dns_server_privileges: - name: manage-bind entry: 'ALL=(root) NOPASSWD: /usr/local/bin/bind_*' - name: manage-bind entry: 'ALL=(root) NOPASSWD: /root/bin/bind/bind_*' - name: chris entry: 'ALL=(root) NOPASSWD: /root/bin/bind/*' sudoers_file_postfixadmin_privileges: - name: www-data entry: 'ALL=(vmail)NOPASSWD: /usr/local/bin/postfixadmin-mailbox-postdeletion.sh' - name: www-data entry: 'ALL=(vmail)NOPASSWD: /usr/local/bin/postfixadmin-domain-postdeletion.sh' sudoers_file_user_privileges: [] sudoers_file_group_privileges: []