29 lines
715 B
YAML
29 lines
715 B
YAML
---
|
|
- name: Configure visudo for secure sudoers
|
|
hosts: all
|
|
become: yes
|
|
tasks:
|
|
- name: Allow admin group passwordless sudo
|
|
copy:
|
|
dest: /etc/sudoers.d/admin
|
|
content: "%{{ ansible_user }} ALL=(ALL) NOPASSWD:ALL"
|
|
owner: root
|
|
group: root
|
|
mode: '0440'
|
|
|
|
##For a specific user
|
|
|
|
---
|
|
- name: Add linuxadmin to sudoers
|
|
hosts: all
|
|
become: yes
|
|
tasks:
|
|
- name: Ensure linuxadmin can sudo without a password
|
|
lineinfile:
|
|
path: /etc/sudoers
|
|
state: present
|
|
regexp: '^linuxadmin'
|
|
line: 'linuxadmin ALL=(ALL) NOPASSWD: ALL'
|
|
validate: 'visudo -cf %s'
|
|
|
|
#Just replace linuxadmin with the user you want to add to the sudo group. |