wiki:NewAdmin
Last modified 7 years ago Last modified on 08/18/14 11:16:49

New Admin User

Steps For Acquiring Access to Galaxy Sudoers List

First step is to create an account on gitlab: https://gitlab.uabgrid.uab.edu/

Sign in using your BlazerID and Password

Once you have a gitlab account and have been approved by admin, you need to update the sudoers files to give yourself sudo capability

The files in question are (in order of precedence):

Changes should be made to the galaxy node specific file, but I included the others as a reference. For sudoers modifications, node specific rules should start with a priority of 20 and go up from there so as not to conflict with OS specific rules (which start at 10). Here's an example from the robinhood.uabgrid.uab.edu.yaml:

sudo::configs:
  'robinhood':
    'content':
      - "%sysadmins ALL=(ALL) NOPASSWD: /usr/sbin/rbh-report\n"
      - "%atlab ALL=(ALL) NOPASSWD: /usr/sbin/rbh-report\n"
      - "%sysadmins ALL=(ALL) NOPASSWD: /usr/sbin/rbh-diff\n"
      - "%atlab ALL=(ALL) NOPASSWD: /usr/sbin/rbh-diff\n"
      - "%sysadmins ALL=(ALL) NOPASSWD: /usr/bin/rbh-du\n"
      - "%atlab ALL=(ALL) NOPASSWD: /usr/bin/rbh-du\n"
      - "%sysadmins ALL=(ALL) NOPASSWD: /usr/bin/rbh-find\n"
      - "%atlab ALL=(ALL) NOPASSWD: /usr/bin/rbh-find\n"
    'priority':   20

Please make sure to use two spaces for each level of indent!

Here's an example of login-02 with a single entry:

sudo::configs:
  'fwbuilder':
    'content':
      - "%sysadmins ALL=(ALL) NOPASSWD: /etc/fw/login-02.fw\n"
    'priority':   20

And an example of CentOS.yaml showing multiple suoders.d/ files:

sudo::configs:
  'wheel':
    'content':    "%wheel ALL=(ALL) ALL"
    'priority':   09
  'sysadmins':
    'content':
      - "%sysadmins ALL=(ALL) ALL\n"
      - "%sysadmins ALL=(ALL) NOPASSWD: /usr/sbin/nethogs\n"
      - "%sysadmins ALL=(ALL) NOPASSWD: /usr/bin/puppet agent --test\n"
      - "%sysadmins ALL=(ALL) NOPASSWD: /usr/bin/puppet agent --test --noop\n"
      - "%sysadmins ALL=(ALL) NOPASSWD: /usr/bin/yum\n"
      - "%sysadmins ALL=(ALL) NOPASSWD: /usr/bin/tail -f /var/log/messages\n"
      - "%sysadmins ALL=(ALL) NOPASSWD: /usr/bin/tail /var/log/messages\n"
    'priority':   10