From bdb80424adb6a3d0b37285f817118592f4e21b18 Mon Sep 17 00:00:00 2001 From: Minteck Date: Mon, 9 Aug 2021 15:39:56 +0200 Subject: Securing the security --- README.md | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'README.md') diff --git a/README.md b/README.md index f9498bd..4dcd1ec 100644 --- a/README.md +++ b/README.md @@ -10,13 +10,21 @@ $ sudo visudo And add the following lines: ```text -www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/apt-get -www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/do-release-upgrade +www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/mtsp-apt-get-1 +www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/mtsp-apt-get-2 +www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/mtsp-do-release-upgrade www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/lshw ``` (replacing `www-data` by the name of the user that runs your Web server) +You will need to : +* create a `/usr/bin/mtsp-apt-get-1` file that does `apt-get update` +* create a `/usr/bin/mtsp-apt-get-2` file that does `apt-get upgrade -s` +* create a `/usr/bin/mtsp-do-release-upgrade` file that does `do-release-upgrade -c` + +And make sure to have the `x` permission bit so we can run these files! + ### Groups Add your server user (usually `www-data`) to the following groups: * `syslog` (required to write /var/log) -- cgit
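Review bot: The added "You will need to" list and the closing sentence about the `x` permission bit never say who must own the three `/usr/bin/mtsp-*` wrappers or who may write to them. The new sudoers lines let `www-data` run them as root with `NOPASSWD`, so the narrowing to `apt-get update`, `apt-get upgrade -s` and `do-release-upgrade -c` holds only if the web server user cannot edit or replace those files. Suggest the README state that each wrapper must be owned by root and not writable by group or others (for example `root:root`, mode `0755`), that it calls its command by absolute path with exactly the fixed arguments listed, and that it does not forward its own arguments to the command. Two smaller points: the runas spec `(ALL:ALL)` on the new lines is wider than these wrappers need, since they only have to run as root, and the names `mtsp-apt-get-1` and `mtsp-apt-get-2` do not say what they do, where `mtsp-apt-get-update` and `mtsp-apt-get-upgrade-simulate` would be self-describing in a sudoers file. There is also a stray space before the colon in "You will need to :".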