weareinteractive.sudo

Panoramica Versioni Approfondimenti

Ansible weareinteractive.sudo Role

Build Status Galaxy GitHub Tags GitHub Stars

weareinteractive.sudo is an Ansible role that:

  • Installs sudo
  • Configures sudo

Note:

This role has changed its name from franklinkim.sudo to weareinteractive.sudo now that Ansible Galaxy supports organizations!

Installation

To install using ansible-galaxy:

$ ansible-galaxy install weareinteractive.sudo

To install using requirements.yml:

- src: weareinteractive.sudo

To install using git:

$ git clone https://github.com/weareinteractive/ansible-sudo.git weareinteractive.sudo

Dependencies

  • Requires Ansible version 2.5 or higher.

Variables

Here are the default variables for this role, found in defaults/main.yml.

---
# sudo_defaults:
#  - defaults: env_reset
#  - name: user1
#    defaults: requiretty
# sudo_users:
#  - name: '%group1'
#  - name: 'bar'
#    nopasswd: yes
#  - name: '%group2'
#    commands: '/bin/ls'
#  - name: '%group3'
#    commands:
#      - /bin/ls
#      - /bin/df
#  - name: '%group4'
#    hosts: 127.0.0.1

# Package name (version)
sudo_package: sudo
# List of usernames or group names
sudo_users: []
# User defaults
sudo_defaults: []
# Default sudoers file
sudo_sudoers_file: ansible
# Path to the sudoers.d directory
sudo_sudoers_d_path: /etc/sudoers.d
# Option to remove other files in the directory
purge_other_sudoers_files: no

Usage

Here is an example playbook:

---

- hosts: all
  become: yes
  roles:
    - weareinteractive.sudo
  vars:
    sudo_defaults:
      - defaults: env_reset
      - defaults: secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
      - name: 'user1'
        defaults: 'requiretty'
      - name: '%group1'
        defaults: '!requiretty'
    sudo_users:
      - name: 'user1'
      - name: 'user2'
        nopasswd: yes
      - name: '%group1'
        hosts: 127.0.0.1
      - name: '%group2'
        commands: '/bin/ls'
      - name: '%group3'
        commands:
          - '/usr/bin/ls'
          - '/usr/bin/df'
          - '/usr/bin/mailq'
      - name: '%group4'
        users: 'user1,user2'
        groups: 'group1,group2'
    purge_other_sudoers_files: yes

Testing

To test the role, run the following commands:

$ git clone https://github.com/weareinteractive/ansible-sudo.git
$ cd ansible-sudo
$ make test

Contributing

To contribute, please follow these steps:

  1. Fork the repository
  2. Create a feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Open a new Pull Request

Note: To update the README.md file, please install and run ansible-role:

$ gem install ansible-role
$ ansible-role docgen

License

This project is licensed under the MIT license by We Are Interactive.

Informazioni sul progetto

Installs and configures sudo

role sudo system
Installa
ansible-galaxy install weareinteractive.sudo
GitHub repository
42 stelle
44 fork
8 problemi aperti
Licenza
mit
Download
300.4k
Proprietario