sudoer.yml 564 Bytes
Newer Older
Julian Gethmann's avatar
Julian Gethmann committed
1 2 3
---
- name: Ensure sudo is installed
  become: yes
julian.gethmann's avatar
julian.gethmann committed
4 5 6
  package:
    pkg: sudo
    state: present
Julian Gethmann's avatar
Julian Gethmann committed
7 8 9

- name: Copy sudoers file including validation
  become: yes
julian.gethmann's avatar
julian.gethmann committed
10 11 12 13 14 15 16 17
  template:
    src: sudoers.j2
    dest: /etc/sudoers.d/sudoers
    validate: 'visudo -cf %s'
    backup: yes
    owner: root
    group: root
    mode: 0440
julian.gethmann's avatar
julian.gethmann committed
18
  notify: lock root user
Julian Gethmann's avatar
Julian Gethmann committed
19 20 21

- name: requiretty in sudoers
  become: yes
julian.gethmann's avatar
julian.gethmann committed
22 23 24 25 26 27 28
  lineinfile:
    backup: yes
    regexp: "Defaults    !?requiretty"
    state: present
    dest: /etc/sudoers
    line: "Defaults    !requiretty"
    validate: "visudo -c -f %s"