From 8631d62bc6dce1dad362dd0283d51bfad7e03fba Mon Sep 17 00:00:00 2001 From: Tristan PILAT Date: Sun, 14 Apr 2019 20:18:55 +0200 Subject: [PATCH 1/2] Load root's environment when using doas --- roles/base/templates/doas.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/base/templates/doas.conf.j2 b/roles/base/templates/doas.conf.j2 index 0d313a5..d28bf2f 100644 --- a/roles/base/templates/doas.conf.j2 +++ b/roles/base/templates/doas.conf.j2 @@ -1,5 +1,5 @@ # {{ ansible_managed }} -permit setenv {ENV PS1 SSH_AUTH_SOCK SSH_TTY} :wheel +permit setenv {SSH_AUTH_SOCK SSH_TTY PKG_PATH HOME=/root ENV=/root/.profile} :wheel permit nopass root permit setenv {ENV PS1 SSH_AUTH_SOCK SSH_TTY} nopass :wheel as root cmd /usr/share/scripts/evomaintenance.sh permit nopass _nrpe cmd /usr/local/libexec/nagios/check_ipsecctl.sh -- 2.39.2 From 6d68774e602362cdc62787a91f5523d9de5cac1f Mon Sep 17 00:00:00 2001 From: Tristan PILAT Date: Fri, 19 Apr 2019 23:55:31 +0200 Subject: [PATCH 2/2] Add a warning message in the NRPE configuration requesting to use an alternative configuration file for local modifications --- roles/nagios-nrpe/templates/evolix_bsd.cfg.j2 | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/nagios-nrpe/templates/evolix_bsd.cfg.j2 b/roles/nagios-nrpe/templates/evolix_bsd.cfg.j2 index 0420fcb..fe51fac 100644 --- a/roles/nagios-nrpe/templates/evolix_bsd.cfg.j2 +++ b/roles/nagios-nrpe/templates/evolix_bsd.cfg.j2 @@ -2,6 +2,8 @@ # Custom NRPE configuration file. # Part of the EvoBSD distribution. # +# This is an Ansible managed file ! +# For local modifications use the /etc/nrpe.d/zzz-evolix.cfg file instead # Allowed IPs allowed_hosts={{ nagios_nrpe_allowed_hosts | join(',') }} @@ -36,3 +38,6 @@ command[check_smb]=/usr/local/libexec/nagios/check_tcp -H IPLOCALE -p 445 #command[check_ospf6d]=doas /usr/local/libexec/nagios/plugins/check_ospf6d command[check_ospfd_simple]=sudo /usr/local/libexec/nagios/plugins/check_ospfd_simple command[check_mysql]=/usr/local/libexec/nagios/check_mysql -H 127.0.0.1 -f /etc/nrpe.d/.my.cnf + +# This is an Ansible managed file! +# For local modifications use the /etc/nrpe.d/zzz-evolix.cfg file instead -- 2.39.2