40 lines
1.2 KiB
YAML
40 lines
1.2 KiB
YAML
---
|
|
# vars file for ensure_sudo
|
|
package_list:
|
|
- name: 'libsss_sudo'
|
|
state: 'present'
|
|
- name: 'sudo'
|
|
state: 'present'
|
|
template_list:
|
|
- dest: '/etc/dnf/protected.d/sudo.conf'
|
|
group: 'root'
|
|
mode: '0644'
|
|
owner: 'root'
|
|
src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/etc/dnf/protected.d/sudo.conf'
|
|
- dest: '/etc/pam.d/sudo'
|
|
group: 'root'
|
|
mode: '0644'
|
|
owner: 'root'
|
|
src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/etc/pam.d/sudo'
|
|
- dest: '/etc/pam.d/sudo-i'
|
|
group: 'root'
|
|
mode: '0644'
|
|
owner: 'root'
|
|
src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/etc/pam.d/sudo-i'
|
|
- dest: '/etc/sudo.conf'
|
|
group: 'root'
|
|
mode: '0640'
|
|
owner: 'root'
|
|
src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/etc/sudo.conf'
|
|
- dest: '/etc/sudoers'
|
|
group: 'root'
|
|
mode: '0440'
|
|
owner: 'root'
|
|
src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/etc/sudoers'
|
|
- dest: '/etc/sudoers.d/session_log'
|
|
group: 'root'
|
|
mode: '0440'
|
|
owner: 'root'
|
|
src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/etc/sudoers.d/session_log.j2'
|
|
|