opengnsys
/
ogboot
2
0
Fork 0
Code Issues Pull Requests 2 Packages Projects Releases Wiki Activity

refs #2789 replace ogboot sudoers to a unique sudoers and adds necessary ogboot commands

pull/25/head
Luis Gerardo Romero Garcia 2025-09-22 13:06:06 +02:00
parent b24c2e5db9
commit 48e1602433
1 changed files with 52 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
etc/ogboot.sudoers
View File

@ -1,3 +1,52 @@
opengnsys ALL=(ALL) NOPASSWD: /opt/bin/oglivecli
opengnsys ALL=(root) NOPASSWD: /usr/bin/chmod, /usr/bin/chown, /usr/bin/md5sum, /usr/bin/smbpasswd, /usr/bin/cat, /usr/bin/tee, /usr/bin/sed, /usr/bin/gzip, /usr/bin/lz4, /usr/bin/cpio, /usr/bin/find, /bin/tee, /usr/bin/dd, /usr/bin/mkfs.ext4, /usr/bin/rsync
opengnsys ALL=(root) NOPASSWD: __OGBOOT_TARGET__/lib/*.iso /mnt
# Variables para facilitar la lectura
Cmnd_Alias MOUNT_RECOVERY = \
/usr/bin/mkdir -p /mnt/recovery, \
/usr/bin/mount /dev/* /mnt/recovery, \
/usr/bin/mount --bind /dev /mnt/recovery/dev, \
/usr/bin/mount --bind /proc /mnt/recovery/proc, \
/usr/bin/mount --bind /sys /mnt/recovery/sys, \
/usr/bin/umount /mnt/recovery/dev, \
/usr/bin/umount /mnt/recovery/proc, \
/usr/bin/umount /mnt/recovery/sys, \
/usr/bin/umount -l /mnt/recovery
Cmnd_Alias OGBOOT = \
/opt/bin/oglivecli, \
/usr/bin/chmod, \
/usr/bin/chown, \
/usr/bin/md5sum, \
/usr/bin/smbpasswd, \
/usr/bin/cat, \
/usr/bin/tee, \
/usr/bin/sed, \
/usr/bin/gzip, \
/usr/bin/lz4, \
/usr/bin/cpio, \
/usr/bin/find, \
/bin/tee, \
/usr/bin/dd, \
/usr/bin/mkfs.ext4, \
/usr/bin/rsync, \
/opt/opengnsys/ogboot/lib/*.iso /mnt
Cmnd_Alias CHROOT_GRUB = \
/usr/sbin/chroot /mnt/recovery /usr/sbin/grub-install --target=i386-pc *, \
/usr/sbin/chroot /mnt/recovery /usr/sbin/grub-mkconfig -o /boot/grub/grub.cfg
Cmnd_Alias LOOP_KPARTX = \
/usr/sbin/losetup -d *, \
/usr/sbin/kpartx -av /opt/opengnsys/ogrepository/images_virtual/*, \
/usr/sbin/kpartx -d /opt/opengnsys/ogrepository/images_virtual/*, \
/usr/sbin/blkid /dev/mapper/*
Cmnd_Alias KILL_BT = \
/usr/bin/pkill -9 btlaunchmany, \
/usr/bin/pkill -9 bttrack, \
/usr/bin/kill -9 *
Cmnd_Alias PYTHON_OGREPO = /usr/bin/python3 /opt/opengnsys/ogrepository/bin/*
# Permitir al usuario opengnsys ejecutar estos comandos sin contraseña
opengnsys ALL=(root) NOPASSWD: MOUNT_RECOVERY, CHROOT_GRUB, LOOP_KPARTX, OGBOOT, KILL_BT, PYTHON_OGREPO