Skip to content

C
configuration
Commit 738e3c7a by Vik Paruchuri
Options

Add in policykit and some comments

parent 92769e1f
Showing with 7 additions and 2 deletions
playbooks/roles/discern/tasks/main.yml
--- ---
#Allows us to recover from a bad sudoers file
- name: Install policykit
apt: pkg=policykit-1 install_recommends=yes state=present update_cache=yes
#Discern user is admin
- name: Create discern user - name: Create discern user
# Admin users, by definition, should be able to sudo w/ password, and read adm-only files
user: name={{ discern_user }} append=yes groups={{ "adm,edx" }} shell=/bin/bash user: name={{ discern_user }} append=yes groups={{ "adm,edx" }} shell=/bin/bash
- name: upload sudoers template to sudoers.tmp - name: upload sudoers template to /tmp/sudoers
copy: src=sudoers-discern dest=/tmp/{{site_name}} owner=root group=root mode=0440 copy: src=sudoers-discern dest=/tmp/{{site_name}} owner=root group=root mode=0440
#Verify file and move to sudoers.d folder
- name: move temp file to sudoers.d - name: move temp file to sudoers.d
shell: visudo -q -c -f /tmp/{{site_name}} && cp /tmp/{{site_name}} /etc/sudoers.d/{{site_name}} shell: visudo -q -c -f /tmp/{{site_name}} && cp /tmp/{{site_name}} /etc/sudoers.d/{{site_name}}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment