2016-11-07 14:00:57 +01:00
|
|
|
---
|
|
|
|
# TODO: trouver comment faire une copie initiale de /etc/fstab
|
|
|
|
# TODO: try to use the custom mount_uuid module for a different approach
|
|
|
|
|
|
|
|
- name: Fetch fstab content
|
2016-12-23 22:45:42 +01:00
|
|
|
command: "grep -v '^#' /etc/fstab"
|
2016-11-07 14:00:57 +01:00
|
|
|
register: fstab_content
|
|
|
|
failed_when: False
|
|
|
|
changed_when: False
|
|
|
|
|
|
|
|
- name: /home partition is customized (noexec,nosuid,nodev)
|
|
|
|
replace:
|
|
|
|
dest: /etc/fstab
|
|
|
|
regexp: '(\s+/home\s+\w+\s+defaults)(\s+)'
|
|
|
|
replace: '\1,noexec,nosuid,nodev\2'
|
|
|
|
backup: yes
|
|
|
|
notify: remount /home
|
|
|
|
when: "' /home ' in fstab_content.stdout"
|
|
|
|
|
|
|
|
- name: /tmp partition is customized (noexec,nosuid,nodev)
|
|
|
|
replace:
|
|
|
|
dest: /etc/fstab
|
|
|
|
regexp: '(\s+/tmp\s+\w+\s+defaults)(\s+)'
|
|
|
|
replace: '\1,noexec,nosuid,nodev\2'
|
|
|
|
backup: yes
|
|
|
|
when: "' /tmp ' in fstab_content.stdout"
|
|
|
|
|
|
|
|
- name: /usr partition is customized (ro)
|
|
|
|
replace:
|
|
|
|
dest: /etc/fstab
|
|
|
|
regexp: '(\s+/usr\s+\w+\s+defaults)(\s+)'
|
|
|
|
replace: '\1,ro\2'
|
|
|
|
backup: yes
|
|
|
|
when: "' /usr ' in fstab_content.stdout"
|
|
|
|
|
|
|
|
- name: /var partition is customized (nosuid)
|
|
|
|
replace:
|
|
|
|
dest: /etc/fstab
|
|
|
|
regexp: '(\s+/var\s+\w+\s+defaults)(\s+)'
|
|
|
|
replace: '\1,nosuid\2'
|
|
|
|
backup: yes
|
|
|
|
notify: remount /var
|
|
|
|
when: "' /var ' in fstab_content.stdout"
|
|
|
|
|
|
|
|
- name: /var/tmp is created
|
|
|
|
mount:
|
|
|
|
src: tmpfs
|
2016-12-26 11:36:47 +01:00
|
|
|
name: /var/tmp
|
2016-11-07 14:00:57 +01:00
|
|
|
fstype: tmpfs
|
|
|
|
opts: defaults,noexec,nosuid,nodev,size=1024m
|
|
|
|
state: mounted
|
|
|
|
|
|
|
|
- meta: flush_handlers
|