2018-12-28 11:23:49 +01:00
|
|
|
---
|
2022-06-23 16:17:42 +02:00
|
|
|
- name: "Configure sudoers umask"
|
2020-10-08 15:42:52 +02:00
|
|
|
lineinfile:
|
|
|
|
dest: /etc/sudoers
|
|
|
|
insertafter: '# Defaults specification'
|
|
|
|
line: 'Defaults umask=0077'
|
|
|
|
validate: 'visudo -cf %s'
|
|
|
|
tags:
|
|
|
|
- sudo
|
|
|
|
|
2022-06-23 16:17:42 +02:00
|
|
|
- name: "Allow wheel group to run command as root in sudo"
|
2018-12-28 11:23:49 +01:00
|
|
|
lineinfile:
|
|
|
|
dest: /etc/sudoers
|
|
|
|
insertafter: '# and set environment variables.'
|
2020-10-13 12:01:18 +02:00
|
|
|
line: "%wheel\tALL=(ALL) SETENV: ALL"
|
2018-12-28 11:23:49 +01:00
|
|
|
validate: 'visudo -cf %s'
|
2020-06-01 11:37:15 +02:00
|
|
|
backup: false
|
2018-12-28 11:23:49 +01:00
|
|
|
tags:
|
2020-06-01 11:37:15 +02:00
|
|
|
- sudo
|
2018-12-28 11:23:49 +01:00
|
|
|
|
2022-06-23 16:17:42 +02:00
|
|
|
- name: "Delete line with space instead of tab"
|
2020-10-13 12:01:18 +02:00
|
|
|
lineinfile:
|
|
|
|
dest: /etc/sudoers
|
|
|
|
line: "%wheel ALL=(ALL) SETENV: ALL"
|
|
|
|
validate: 'visudo -cf %s'
|
|
|
|
backup: false
|
|
|
|
state: absent
|
|
|
|
tags:
|
|
|
|
- sudo
|
|
|
|
|
2022-06-23 16:17:42 +02:00
|
|
|
- name: "Configure sudoers for evomaintenance and monitoring"
|
2018-12-28 11:23:49 +01:00
|
|
|
blockinfile:
|
|
|
|
state: present
|
|
|
|
dest: /etc/sudoers
|
|
|
|
insertafter: EOF
|
|
|
|
block: |
|
|
|
|
Cmnd_Alias MAINT = /usr/share/scripts/evomaintenance.sh
|
|
|
|
%wheel ALL=NOPASSWD: MAINT
|
2020-10-22 11:28:06 +02:00
|
|
|
%evolinux-sudo ALL=(ALL) SETENV: ALL
|
2018-12-28 11:23:49 +01:00
|
|
|
validate: 'visudo -cf %s'
|
2020-06-01 11:37:15 +02:00
|
|
|
backup: false
|
2018-12-28 11:23:49 +01:00
|
|
|
tags:
|
2020-06-01 11:37:15 +02:00
|
|
|
- sudo
|