From 0898e2fbf23cbcc7ba959946cc802a41b6e581dc Mon Sep 17 00:00:00 2001
From: Sinisa Veseli <sveseli@aps.anl.gov>
Date: Tue, 23 Jun 2015 19:37:24 +0000
Subject: [PATCH] add sudo rules template

---
 etc/dm.sudo-rules.template | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 etc/dm.sudo-rules.template

diff --git a/etc/dm.sudo-rules.template b/etc/dm.sudo-rules.template
new file mode 100644
index 00000000..b43ddd08
--- /dev/null
+++ b/etc/dm.sudo-rules.template
@@ -0,0 +1,11 @@
+## DM user sudo functions
+## All strings starting with DM_* have to be replaced with actual values 
+Host_Alias HOST=DM_HOSTNAME
+User_Alias USER=DM_SYSTEM_USER
+Cmnd_Alias SETFACL=/usr/bin/setfacl -m group\:*\:rx DM_DATA_DIR/*
+Cmnd_Alias USERMOD=/usr/sbin/usermod -a -G * *
+Cmnd_Alias GROUPADD=/usr/sbin/groupadd *
+
+USER HOST=(root) NOPASSWD: SETFACL,USERMOD,GROUPADD
+
+
-- 
GitLab