Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F3749784
D352.id832.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
2 KB
Referenced Files
None
Subscribers
None
D352.id832.diff
View Options
diff --git a/roles/phabricator/arcanist/files/arc b/roles/phabricator/arcanist/files/arc
deleted file mode 100755
--- a/roles/phabricator/arcanist/files/arc
+++ /dev/null
@@ -1,65 +0,0 @@
-#!/bin/sh
-
-# -------------------------------------------------------------
-# Phabricator — Arcanist Docker container wrapper
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Author: Sébastien Santoro aka Dereckson
-# Project: Nasqueron
-# Created: 2016-01-01
-# Description: Wrapper to run Arcanist as a Docker container
-# License: Trivial work, not eligible to copyright
-# Image: nasqueron/arcanist
-# -------------------------------------------------------------
-
-# -------------------------------------------------------------
-# Parse arguments
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
-if [ -t 0 ]; then
- # If a stdin entry is available
- # launch the container in the
- # interactive mode
- FLAGS=-it
-fi
-
-# Logs are default disabled
-PRINT_LOG=0
-
-
-if [ "$1" = "shell" ]; then
- # Launch commands
- # in the container bash shell
- shift
- COMMAND=bash
-else
- # Launch arc
- mkdir -p ~/.arc
- COMMAND=arc
-
- if [ "$1" = "call-conduit" ]; then
- # Enable log printing
- PRINT_LOG=1
- # Set a random name for the container
- INSTANCE="arc-"`openssl rand -hex 21`
- FLAGS="-i -a=stdin --name=$INSTANCE"
- fi
-fi
-
-if [ -d ~/.arc/ssh ]; then
- VOLUME_SSH="-v $HOME/.arc/ssh:/root/.ssh"
-else
- VOLUME_SSH=""
-fi
-
-# -------------------------------------------------------------
-# Run container
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
-if [ $PRINT_LOG -eq 0 ]; then
- docker run $FLAGS --rm -v ~/.arc:/opt/config -v $PWD:/opt/workspace $VOLUME_SSH nasqueron/arcanist $COMMAND $*
-else
- docker run $FLAGS -v ~/.arc:/opt/config -v $PWD:/opt/workspace $VOLUME_SSH nasqueron/arcanist $COMMAND $* > /dev/null
- sleep 3
- docker logs $INSTANCE
- docker rm $INSTANCE >/dev/null
-fi
diff --git a/roles/saltmaster/sudo/files/sudoers b/roles/saltmaster/sudo/files/sudoers
new file mode 100644
--- /dev/null
+++ b/roles/saltmaster/sudo/files/sudoers
@@ -0,0 +1,3 @@
+Cmnd_Alias CONTAINERS = /bin/docker, /bin/lxc-attach, /bin/lxc-autostart, /bin/lxc-cgroup, /bin/lxc-checkconfig, /bin/lxc-clone, /bin/lxc-config, /bin/lxc-console, /bin/lxc-create, /bin/lxc-destroy, /bin/lxc-execute, /bin/lxc-freeze, /bin/lxc-info, /bin/lxc-ls, /bin/lxc-monitor, /bin/lxc-snapshot, /bin/lxc-start, /bin/lxc-stop, /bin/lxc-top, /bin/lxc-unfreeze, /bin/lxc-unshare, /bin/lxc-usernsexec, /bin/lxc-wait
+
+wheel ALL=(ALL) NOPASSWD: CONTAINERS,/usr/local/bin/salt
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sun, Nov 17, 17:52 (21 h, 8 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2249686
Default Alt Text
D352.id832.diff (2 KB)
Attached To
Mode
D352: Allow salt group's users to run salt commands
Attached
Detach File
Event Timeline
Log In to Comment