sudoer.yml 564 Bytes
Newer Older
julian.gethmann's avatar
julian.gethmann committed
1
2
3
---
- name: Ensure sudo is installed
  become: yes
julian.gethmann's avatar
julian.gethmann committed
4
5
6
  package:
    pkg: sudo
    state: present
julian.gethmann's avatar
julian.gethmann committed
7
8
9

- name: Copy sudoers file including validation
  become: yes
julian.gethmann's avatar
julian.gethmann committed
10
11
12
13
14
15
16
17
  template:
    src: sudoers.j2
    dest: /etc/sudoers.d/sudoers
    validate: 'visudo -cf %s'
    backup: yes
    owner: root
    group: root
    mode: 0440
julian.gethmann's avatar
julian.gethmann committed
18
  notify: lock root user
julian.gethmann's avatar
julian.gethmann committed
19
20
21

- name: requiretty in sudoers
  become: yes
julian.gethmann's avatar
julian.gethmann committed
22
23
24
25
26
27
28
  lineinfile:
    backup: yes
    regexp: "Defaults    !?requiretty"
    state: present
    dest: /etc/sudoers
    line: "Defaults    !requiretty"
    validate: "visudo -c -f %s"