#
# this is a pretty bold rule; do we actually need it?       (21-jan-16; oe)
#

#
# the LAP system user can issue GOLD commands without password and tty
#
Defaults:laportal !requiretty
Cmnd_Alias GOLD = /opt/gold/bin/*
laportal ps.hpc.uio.no,at.hpc.uio.no=(root) NOPASSWD: GOLD

#
# all LAP developers can invoke the operational scripts
#
Cmnd_Alias OPERATION = /home/laportal/operation/bin/*
User_Alias LAP = emanuel,milen,nikolay,oe
LAP ps.hpc.uio.no,at.hpc.uio.no=(root) NOPASSWD: OPERATION

#
# also, all developers can become the LAP system user
#
LAP ALL=(laportal) ALL

#
# but only a sub-set of the LAP developers has full administrator rights
#
milen ALL=(ALL) ALL
nikolaiv ALL=(ALL) ALL
oe ALL=(ALL) ALL