Securing the security

1 files changed, 10 insertions, 2 deletions

diff --git a/README.md b/README.md
index f9498bd..4dcd1ec 100644
--- a/README.md
+++ b/README.md
@@ -10,13 +10,21 @@ $ sudo visudo
 
 And add the following lines:
 ```text
-www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/apt-get
-www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/do-release-upgrade
+www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/mtsp-apt-get-1
+www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/mtsp-apt-get-2
+www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/mtsp-do-release-upgrade
 www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/lshw
 ```
 
 (replacing `www-data` by the name of the user that runs your Web server)
 
+You will need to :
+* create a `/usr/bin/mtsp-apt-get-1` file that does `apt-get update`
+* create a `/usr/bin/mtsp-apt-get-2` file that does `apt-get upgrade -s`
+* create a `/usr/bin/mtsp-do-release-upgrade` file that does `do-release-upgrade -c`
+
+And make sure to have the `x` permission bit so we can run these files!
+
 ### Groups
 Add your server user (usually `www-data`) to the following groups:
 * `syslog` (required to write /var/log)