X-Git-Url: http://git.grml.org/?p=grml-live.git;a=blobdiff_plain;f=etc%2Fgrml%2Ffai%2Fconfig%2Fscripts%2FGRML%2F20-sudo;fp=etc%2Fgrml%2Ffai%2Fconfig%2Fscripts%2FGRML%2F20-sudo;h=4bf8c7651ca3b9d834e4fab056660b8c61fe7de9;hp=0000000000000000000000000000000000000000;hb=229a51dfda4d619c47fb4b0ff94d4d952f61e62a;hpb=1a06f3f65adef0fdd432aad11f479020630778a5

diff --git a/etc/grml/fai/config/scripts/GRML/20-sudo b/etc/grml/fai/config/scripts/GRML/20-sudo
new file mode 100755
index 0000000..4bf8c76
--- /dev/null
+++ b/etc/grml/fai/config/scripts/GRML/20-sudo
@@ -0,0 +1,36 @@
+#!/bin/sh
+set -u
+set -e
+
+cat > "$target"/etc/sudoers << EOF
+# sudoers file.
+# This file MUST be edited with the "visudo" command as root.
+# See the man page for details on how to write a sudoers file.
+
+# Host alias specification
+
+# User alias specification
+
+# Cmnd alias specification
+
+# User privilege specification
+root    ALL=(ALL) ALL
+
+# WARNING: This allows the unprivileged grml user to start commands as root
+# WARNING: This is totally insecure and (almost) makes grml a second root account.
+# WARNING: Never allow external access to the grml user!!!
+grml    ALL=NOPASSWD: ALL
+
+# allow editing of files with editor:
+# grml ALL=NOPASSWD: sudoedit
+
+# usage examples:
+# grml ALL=NOPASSWD: /sbin/hdparm
+# grml ALL=NOPASSWD: /usr/sbin/hwinfo
+# Cmnd_Alias DEBIAN = /usr/bin/apt-get, /usr/bin/dpkg, /usr/bin/auto-apt, /usr/bin/apt-file
+# grml ALL=NOPASSWD: DEBIAN
+# chroot       ALL=NOPASSWD: /usr/sbin/chroot, /bin/su - chroot
+# chroot       ALL=NOPASSWD: /usr/sbin/chroot, /bin/su - chroot
+
+secvpn  ALL=NOPASSWD: /usr/sbin/secvpn, /usr/sbin/pppd
+EOF