# * DO NOT EDIT THIS FILE * DO NOT EDIT THIS FILE * DO NOT EDIT THIS FILE * DO NOT EDIT THIS FILE *  
#         ________                                                                                 
#        /        \     ____   ___    _   _  ___ _____   _____ ____ ___ _____   _                  
#       /_ ___ _  _\   |  _ \ / _ \  | \ | |/ _ \_   _| | ____|  _ \_ _|_   _| | |                 
#      |(_` | / \|_)|  | | | | | | | |  \| | | | || |   |  _| | | | | |  | |   | |                 
#      |._) | \_/|  |  | |_| | |_| | | |\  | |_| || |   | |___| |_| | |  | |   |_|                 
#       \          /   |____/ \___/  |_| \_|\___/ |_|   |_____|____/___| |_|   (_)                  
#        \________/
#            ||
#            ||
#            ||
#            ||
#            ||
#
#          Do not edit this file, it is managed by system configuration and any changes will be
#          overwritten during updates, if you need to override settings for create a new file of
#          the form /etc/sudoers.d/<name> instead which sorts alphabetically after this file and
#          place the necessary overrides in that file.
#
# * DO NOT EDIT THIS FILE * DO NOT EDIT THIS FILE * DO NOT EDIT THIS FILE * DO NOT EDIT THIS FILE *  


###################################################################################################
# sudo rules from nif-server-config
###################################################################################################


# README:
# Any changes to this file should ALSO be made to the NIF Administrators sudoers groups in the Noggin Active Directory
# The vast majority of servers will be using the AD configuration instead of this file
# adimitriadis - 20200903
#

# General Admins + NIF Admins + support groupscan act as any 'nif' group member
%nif-admins ALL=(%nif) ALL
%admins     ALL=(%nif) ALL
%support    ALL=(%nif) ALL

# Allow users run the instance banner
%nif-admins ALL=(root) NOPASSWD: /usr/bin/nif-instance-banner, /usr/bin/nif-instance-banner --detail
%admins    ALL=(root) NOPASSWD: /usr/bin/nif-instance-banner, /usr/bin/nif-instance-banner --detail

# Log access rules
%nif-admins ALL=(root) /usr/bin/less /var/log/httpd/access_log
%nif-admins ALL=(root) /bin/journalctl -u httpd
