weareinteractive.sudo
is an Ansible role which:
- installs sudo
- configures sudo
Note:
Since Ansible Galaxy supports organization now, this role has moved from
franklinkim.sudo
toweareinteractive.sudo
!
Using ansible-galaxy
:
$ ansible-galaxy install weareinteractive.sudo
Using requirements.yml
:
- src: weareinteractive.sudo
Using git
:
$ git clone https://github.com/weareinteractive/ansible-sudo.git weareinteractive.sudo
- Ansible >= 2.5
Here is a list of all the default variables for this role, which are also available in defaults/main.yml
.
---
# sudo_defaults:
# - defaults: env_reset
# - name: user1
# defaults: requiretty
# sudo_users:
# - name: '%group1'
# - name: 'bar'
# nopasswd: yes
# - name: '%group2'
# commands: '/bin/ls'
# - name: '%group3'
# commands:
# - /bin/ls
# - /bin/df
# - name: '%group4'
# hosts: 127.0.0.1
# package name (version)
sudo_package: sudo
# list of username or %groupname
sudo_users: []
# list of username or %groupname and their defaults
sudo_defaults: []
# default sudoers file
sudo_sudoers_file: ansible
# path of the sudoers.d directory
sudo_sudoers_d_path: /etc/sudoers.d
# delete other files in `sudo_sudoers_d_path`
purge_other_sudoers_files: no
This is an example playbook:
---
- hosts: all
become: yes
roles:
- weareinteractive.sudo
vars:
sudo_defaults:
- defaults: env_reset
- defaults: secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
- name: 'user1'
defaults: 'requiretty'
- name: '%group1'
defaults: '!requiretty'
sudo_users:
- name: 'user1'
- name: 'user2'
nopasswd: yes
- name: '%group1'
hosts: 127.0.0.1
- name: '%group2'
commands: '/bin/ls'
- name: '%group3'
commands:
- '/usr/bin/ls'
- '/usr/bin/df'
- '/usr/bin/mailq'
- name: '%group4'
users: 'user1,user2'
groups: 'group1,group2'
purge_other_sudoers_files: yes
$ git clone https://github.com/weareinteractive/ansible-sudo.git
$ cd ansible-sudo
$ make test
In lieu of a formal style guide, take care to maintain the existing coding style. Add unit tests and examples for any new or changed functionality.
- Fork it
- Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create new Pull Request
Note: To update the README.md
file please install and run ansible-role
:
$ gem install ansible-role
$ ansible-role docgen
Copyright (c) We Are Interactive under the MIT license.