diff options
| author | Chris Fordham | 2016-02-13 17:25:23 +1100 |
|---|---|---|
| committer | Chris Fordham | 2016-02-13 17:25:23 +1100 |
| commit | 68c3a5638ea86b0e0bdd62be52a5a67a7c29a1b8 (patch) | |
| tree | 36ec00d3586342432ee1f43b707484357a59d573 /90-rightscale | |
| download | aur-68c3a5638ea86b0e0bdd62be52a5a67a7c29a1b8.tar.gz | |
Add rightlink-bin package.
Diffstat (limited to '90-rightscale')
| -rw-r--r-- | 90-rightscale | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/90-rightscale b/90-rightscale new file mode 100644 index 000000000000..e33e05271bd3 --- /dev/null +++ b/90-rightscale @@ -0,0 +1,12 @@ +# Rightlink service startup requires these directives: +Defaults:root !requiretty +Defaults:rightlink !requiretty +Defaults:rightlink !env_reset +root ALL=(ALL) SETENV:ALL +# Blanket permissions. If you wish to remove the NOPASSWD:ALL line and tighten +# permissions, you must add in permissions for (1) lifecycle management (reboot/terminate) +# via /sbin/init and (2) managed login. The minimal set of permissions to do this +# are given below. The first line below would allow (1) and second would allow (2) +# rightlink ALL=(root) NOPASSWD:/sbin/init +# rightlink ALL=(rightscale) NOPASSWD:/usr/bin/tee /home/rightscale/.ssh/authorized_keys +rightlink ALL=(ALL) SETENV:NOPASSWD:ALL |