[Qa-jenkins-scm] [jenkins.debian.net] 04/07: jenkins probably needs to be able to do some of this?

[Holger Levsen]

This is an automated email from the git hooks/post-receive script.

holger pushed a commit to branch master
in repository jenkins.debian.net.

commit 7f4d0d76074247b11cc9efb4bc486dc94a402778
Author: Philip Hands <phil at hands.com>
Date:   Sat Nov 21 17:50:33 2015 +0000

    jenkins probably needs to be able to do some of this?
---
 hosts/jenkins-test-vm/etc/sudoers.d/jenkins | 47 +++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)

diff --git a/hosts/jenkins-test-vm/etc/sudoers.d/jenkins b/hosts/jenkins-test-vm/etc/sudoers.d/jenkins
new file mode 100644
index 0000000..2dab2ae
--- /dev/null
+++ b/hosts/jenkins-test-vm/etc/sudoers.d/jenkins
@@ -0,0 +1,47 @@
+jenkins ALL=  \
+	NOPASSWD: /usr/sbin/debootstrap *, \
+	/usr/bin/tee /schroots/*, \
+	/usr/bin/tee -a /schroots/*, \
+	/usr/bin/tee /etc/schroot/chroot.d/jenkins*, \
+	/bin/chmod +x /schroots/*, \
+	/usr/sbin/chroot /schroots/*, \
+	/usr/sbin/chroot /chroots/*, \
+	/usr/sbin/chroot /media/*, \
+	/bin/ls -la /media/*, \
+	/bin/rm -rf --one-file-system /chroots/*, \
+	/bin/rm -rf --one-file-system /schroots/*, \
+	/bin/rm -rf --one-file-system /srv/live-build/*, \
+	/bin/rm -rf --one-file-system /srv/workspace/pbuilder/*, \
+	/bin/cp -v *.iso /srv/live-build/results/*, \
+	/bin/mv /chroots/* /schroots/*, \
+	/bin/mv /schroots/* /schroots/*, \
+	/bin/umount -l /chroots/*, \
+	/bin/umount -l /schroots/*, \
+	/bin/umount -l /media/*, \
+	/bin/rmdir /media/*, \
+	/bin/mount -o loop*, \
+	/bin/mount --bind *, \
+	/usr/bin/du *, \
+	/bin/kill *, \
+	/usr/bin/file *, \
+	/bin/dd if=/dev/zero of=/dev/jenkins*, \
+	/usr/bin/qemu-system-x86_64 *, \
+	/usr/bin/qemu-img *, \
+	/sbin/lvcreate *, /sbin/lvremove *, \
+	/bin/mkdir -p /media/*, \
+	/usr/bin/guestmount *, \
+	/bin/cp -rv /media/*, \
+	/bin/chown -R jenkins\:jenkins /var/lib/jenkins/jobs/*,\
+	SETENV: NOPASSWD: /usr/sbin/pbuilder *, \
+	SETENV: NOPASSWD: /usr/bin/timeout -k 12.1h 12h /usr/bin/ionice -c 3 /usr/bin/nice /usr/sbin/pbuilder *, \
+	SETENV: NOPASSWD: /usr/bin/timeout -k 12.1h 12h /usr/bin/ionice -c 3 /usr/bin/nice /usr/bin/linux64 --uname-2.6 /usr/bin/unshare --uts -- /usr/sbin/pbuilder *, \
+	/bin/mv /var/cache/pbuilder/*base*.tgz /var/cache/pbuilder/*base*.tgz, \
+	/bin/rm /var/cache/pbuilder/*base*.tgz, \
+	/bin/rm -v /var/cache/pbuilder/*base*.tgz, \
+	/bin/rm /var/cache/pbuilder/result/*, \
+	/usr/bin/dcmd rm *.changes, \
+	/usr/bin/dcmd rm *.dsc, \
+	/usr/bin/apt-get update
+
+# keep these environment variables
+Defaults        env_keep += "http_proxy", env_reset

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/qa/jenkins.debian.net.git