From dabb31c5f6d7c9d3897a14d3851cf7d0de0a4fe6 Mon Sep 17 00:00:00 2001
From: Jing Zhang <zhangjing@microsoft.com>
Date: Thu, 26 Jan 2023 20:38:29 -0800
Subject: [PATCH] [sudoers] add `/usr/local/bin/storyteller` to
 `READ_ONLY_CMDS` (#13422)

Adding /usr/local/bin/storyteller to READ_ONLY_CMDS. So no write access or prompt for password is needed to run storyteller.

Tested on 202205 clusters, user who didn't request write access was able to grep log using storyteller.

sign-off: Jing Zhang zhangjing@microsoft.com
---
 files/image_config/sudoers/sudoers | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/files/image_config/sudoers/sudoers b/files/image_config/sudoers/sudoers
index fb371c59b8ad..d07d0dcfbcc8 100644
--- a/files/image_config/sudoers/sudoers
+++ b/files/image_config/sudoers/sudoers
@@ -42,7 +42,8 @@ Cmnd_Alias      READ_ONLY_CMDS = /bin/cat /var/log/syslog*, \
                                  /usr/local/bin/pcieutil *, \
                                  /usr/local/bin/psuutil *, \
                                  /usr/local/bin/sonic-installer list, \
-                                 /usr/local/bin/sfputil show *
+                                 /usr/local/bin/sfputil show *, \
+                                 /usr/local/bin/storyteller *
 
 
 Cmnd_Alias      PASSWD_CMDS = /usr/local/bin/config tacacs passkey *, \