volker.raschek/ansible-role-sudo
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity
Files
93fe0a4826a4f45c08895fdfecefce46a4de5edb
ansible-role-sudo/tasks/main.yml
Markus Pesch 93fe0a4826
All checks were successful
continuous-integration/drone/push Build is passing
Details
fix: enable includedir directive
2023-02-15 21:49:51 +01:00

42 lines
1.1 KiB
YAML
Raw Blame History

---
- name: Load variables
include_vars: "{{ ansible_os_family }}.yml"
- name: Install sudo
package:
name: "{{ item }}"
state: present
with_items: "{{ sudo_users_package_names }}"
- name: Enable includedir directive
lineinfile:
dest: /etc/sudoers
state: present
regexp: "^(#)+(\\s)*includedir(\\s)*/etc/sudoers.d"
line: "#includedir /etc/sudoers.d"
validate: 'visudo --check --file %s'
mode: 0440
owner: root
group: root
- name: Flush drop-in files of sudoers.d
file:
state: "{{ item }}"
path: "/etc/sudoers.d"
owner: root
group: root
mode: 0750
with_items:
- absent
- directory
- name: Create drop-in files of sudoers.d
community.general.sudoers:
name: "{{ item.key }}"
state: present
user: "{{ item.key }}"
nopassword: "{{ item.value.without_password | default(False) }}"
commands: "{{ items.value.command | join(',') if items.value.command is defined and items.value.command | length > 0 else 'ALL' }}"
when: "item.value | length > 0"
with_dict: "{{ sudo_users_sudoers }}"
Reference in New Issue View Git Blame Copy Permalink