evolinux-users: Fix "disable root login" task
This commit is contained in:
parent
0098cd2f08
commit
86978a8225
|
@ -66,7 +66,7 @@
|
|||
- evolinux_root_disable_ssh | bool
|
||||
- ansible_distribution_major_version is version('11', '<=')
|
||||
|
||||
- name: verify PermitRootLogin directive
|
||||
- name: verify PermitRootLogin directive (Debian >= 12)
|
||||
ansible.builtin.command:
|
||||
cmd: "grep -Er '^PermitRootLogin' /etc/ssh"
|
||||
changed_when: False
|
||||
|
@ -81,12 +81,12 @@
|
|||
var: grep_permitrootlogin_ssh
|
||||
verbosity: 1
|
||||
|
||||
- name: disable root login (Debian <= 12)
|
||||
ansible.builtin.replace:
|
||||
- name: disable root login (Debian >= 12)
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/ssh/sshd_config.d/z-evolinux-defaults.conf
|
||||
line: "PermitRootLogin no"
|
||||
create: yes
|
||||
validate: '/usr/sbin/sshd -t -f /etc/ssh/sshd_config.d/z-evolinux-defaults.conf'
|
||||
validate: '/usr/sbin/sshd -t -f %s'
|
||||
notify: reload sshd
|
||||
when:
|
||||
- evolinux_root_disable_ssh | bool
|
||||
|
|
Loading…
Reference in a new issue