diff options
| -rw-r--r-- | ansible/roles/common/tasks/main.yml | 15 | ||||
| -rw-r--r-- | ansible/roles/common/templates/sudoers.j2 | 4 |
2 files changed, 17 insertions, 2 deletions
diff --git a/ansible/roles/common/tasks/main.yml b/ansible/roles/common/tasks/main.yml index d23c6e0..af2d010 100644 --- a/ansible/roles/common/tasks/main.yml +++ b/ansible/roles/common/tasks/main.yml @@ -84,12 +84,23 @@ tags: - role::common -- name: Add sudoers lecture path +- name: Configure sudo + template: + src: sudoers.j2 + dest: /etc/sudoers.d/pydis + owner: root + group: root + mode: '0440' + validate: /usr/sbin/visudo -cf %s + tags: + - role::common + +- name: Remove sudoers lecture path lineinfile: dest: /etc/sudoers regexp: '^Defaults +?lecture_file ?= ?".+?"$' line: 'Defaults lecture_file = "/etc/sudo_lecture"' - state: present + state: absent validate: /usr/sbin/visudo -cf %s tags: - role::common diff --git a/ansible/roles/common/templates/sudoers.j2 b/ansible/roles/common/templates/sudoers.j2 new file mode 100644 index 0000000..91d24cc --- /dev/null +++ b/ansible/roles/common/templates/sudoers.j2 @@ -0,0 +1,4 @@ +Defaults lecture_file="/etc/sudo_lecture" +Defaults insults + +# vim: ft=sudoers.j2: |