From bbdbd53cca747cccd5ec0c54492c021223dc753d Mon Sep 17 00:00:00 2001 From: Gregory Colpart Date: Tue, 22 Aug 2017 00:48:17 +0200 Subject: [PATCH] Avoid using vars not well defined in src file name AND be compatible with Debian 10 --- admin-users/tasks/sudo.yml | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/admin-users/tasks/sudo.yml b/admin-users/tasks/sudo.yml index 2587e6d5..49b9c71e 100644 --- a/admin-users/tasks/sudo.yml +++ b/admin-users/tasks/sudo.yml @@ -1,20 +1,30 @@ --- -- name: Verify Evolinux sudoers file presence +- name: "Verify Evolinux sudoers file presence (jessie)" template: - src: sudoers_{{ ansible_distribution_release }}.j2 + src: sudoers_jessie.j2 dest: /etc/sudoers.d/evolinux force: no validate: '/usr/sbin/visudo -cf %s' register: copy_sudoers_evolinux + when: ansible_distribution_release == "jessie" -- name: Verify Evolinux sudoers file permissions +- name: "Verify Evolinux sudoers file presence (Debian 9 or later)" + template: + src: sudoers_stretch.j2 + dest: /etc/sudoers.d/evolinux + force: no + validate: '/usr/sbin/visudo -cf %s' + register: copy_sudoers_evolinux + when: ansible_distribution_major_version | version_compare('9', '>=') + +- name: "Verify Evolinux sudoers file permissions" file: path: /etc/sudoers.d/evolinux mode: "0440" state: file -- name: "Add user in sudoers file for '{{ user.name }}'" +- name: "Add user in sudoers file for '{{ user.name }}' (jessie)" replace: dest: /etc/sudoers.d/evolinux regexp: '^(User_Alias\s+ADMINS\s+=((?!{{ user.name }}).)*)$' @@ -24,7 +34,7 @@ - ansible_distribution_release == "jessie" - not copy_sudoers_evolinux.changed -- name: "Create evolinux-sudo group" +- name: "Create evolinux-sudo group (Debian 9 or later)" group: name: evolinux-sudo system: yes