[sudoers] add /usr/local/bin/storyteller to READ_ONLY_CMDS (#13422)

Adding /usr/local/bin/storyteller to READ_ONLY_CMDS. So no write access or prompt for password is needed to run storyteller. Tested on 202205 clusters, user who didn't request write access was able to grep log using storyteller. sign-off: Jing Zhang [email protected]
sonic-net · Jan 27, 2023 · dabb31c · dabb31c
1 parent 77745f5
commit dabb31c
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/files/image_config/sudoers/sudoers b/files/image_config/sudoers/sudoers
@@ -42,7 +42,8 @@ Cmnd_Alias      READ_ONLY_CMDS = /bin/cat /var/log/syslog*, \
                                  /usr/local/bin/pcieutil *, \
                                  /usr/local/bin/psuutil *, \
                                  /usr/local/bin/sonic-installer list, \
-                                 /usr/local/bin/sfputil show *
+                                 /usr/local/bin/sfputil show *, \
+                                 /usr/local/bin/storyteller *
 
 
 Cmnd_Alias      PASSWD_CMDS = /usr/local/bin/config tacacs passkey *, \