axemann.sudois an Ansible role which:
- installs sudo
- configures sudo
Note:
Since Ansible Galaxy supports organization now, this role has moved from
franklinkim.sudotoaxemann.sudo!
Using ansible-galaxy:
ansible-galaxy install axemann.sudoUsing requirements.yml:
- src: axemann.sudoUsing git:
git clone https://github.com/axemann/ansible-role-sudo.git axemann.sudo- Ansible >= 2.5
Here is a list of all the default variables for this role, which are also available in defaults/main.yml.
---
# sudo_defaults:
# - defaults: env_reset
# - name: user1
# defaults: requiretty
# sudo_users:
# - name: '%group1'
# - name: 'bar'
# nopasswd: yes
# - name: '%group2'
# commands: '/bin/ls'
# - name: '%group3'
# commands:
# - /bin/ls
# - /bin/df
# - name: '%group4'
# hosts: 127.0.0.1
# package name (version)
sudo_package: sudo
# list of username or %groupname
sudo_users: []
# list of username or %groupname and their defaults
sudo_defaults: []
# default sudoers file
sudo_sudoers_file: ansible
# path of the sudoers.d directory
sudo_sudoers_d_path: /etc/sudoers.d
# delete other files in `sudo_sudoers_d_path`
purge_other_sudoers_files: false
This is an example playbook:
---
- hosts: all
become: yes
roles:
- axemann.sudo
vars:
sudo_defaults:
- defaults: env_reset
- defaults: secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
- name: 'user1'
defaults: 'requiretty'
- name: '%group1'
defaults: '!requiretty'
sudo_users:
- name: 'user1'
- name: 'user2'
nopasswd: yes
- name: '%group1'
hosts: 127.0.0.1
- name: '%group2'
commands: '/bin/ls'
- name: '%group3'
commands:
- '/usr/bin/ls'
- '/usr/bin/df'
- '/usr/bin/mailq'
- name: '%group4'
users: 'user1,user2'
groups: 'group1,group2'
purge_other_sudoers_files: yes
git clone https://github.com/axemann/ansible-role-sudo.git
cd ansible-role-sudo
make testIn lieu of a formal style guide, take care to maintain the existing coding style. Add unit tests and examples for any new or changed functionality.
- Fork it
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Add some feature') - Push to the branch (
git push origin my-new-feature) - Create new Pull Request
Note: To update the README.md file please install and run ansible-role:
gem install ansible-role
ansible-role docgenCopyright (c) under the MIT license.