Manage sudoers and sudoers.d in Debian-like systems.
None
-
sudoers_sudoers
:/etc/sudoers
file declarations -
sudoers_sudoers.defaults
: [default: seedefaults/main.yml
]: Default configuration options -
sudoers_sudoers.host_aliases
: [default:[]
]: A list of aliases of typeHost_Alias
-
sudoers_sudoers.host_aliases.name
: Name of the alias -
sudoers_sudoers.host_aliases.members
: Member(s) of the alias -
sudoers_sudoers.user_aliases
: [default:[]
]: A list of aliases of typeUser_Alias
-
sudoers_sudoers.user_aliases.name
: Name of the alias -
sudoers_sudoers.user_aliases.members
: Member(s) of the alias -
sudoers_sudoers.cmnd_aliases
: [default:[]
]: A list of aliases of typeCmnd_Alias
-
sudoers_sudoers.cmnd_aliases.name
: Name of the alias -
sudoers_sudoers.cmnd_aliases.members
: Member(s) of the alias -
sudoers_sudoers.runas_aliases
: [default:[]
]: A list of aliases of typeRunas_Alias
-
sudoers_sudoers.runas_aliases.name
: Name of the alias -
sudoers_sudoers.runas_aliases.members
: Member(s) of the alias -
sudoers_sudoers.privileges
: [default: seedefaults/main.yml
]: List of privileges -
sudoers_sudoers.privileges.name
: Name of user or group (group should be prefixed with '%') -
sudoers_sudoers.privileges.entry
: A privilege entry -
sudoers_sudoers_d_files
[default:{}
]:/etc/sudoers.d/*
file(s) declarations -
sudoers_sudoers_d_files.key
: The name of the sudoers configuration file (e.gvagrant
) -
sudoers_sudoers_d_files.key.defaults
[default:[]
]: Default configuration options -
sudoers_sudoers_d_files.key.host_aliases
[default:[]
]: A list of aliases of typeHost_Alias
-
sudoers_sudoers_d_files.key.host_aliases.name
: Name of the alias -
sudoers_sudoers_d_files.key.host_aliases.members
: Member(s) of the alias -
sudoers_sudoers_d_files.key.user_aliases
[default:[]
]: A list of aliases of typeUser_Alias
-
sudoers_sudoers_d_files.key.user_aliases.name
: Name of the alias -
sudoers_sudoers_d_files.key.user_aliases.members
: Member(s) of the alias -
sudoers_sudoers_d_files.key.cmnd_aliases
[default:[]
]: A list of aliases of typeCmnd_Alias
-
sudoers_sudoers_d_files.key.cmnd_aliases.name
: Name of the alias -
sudoers_sudoers_d_files.key.cmnd_aliases.members
: Member(s) of the alias -
sudoers_sudoers_d_files.key.runas_aliases
[default:[]
]: A list of aliases of typeRunas_Alias
-
sudoers_sudoers_d_files.key.runas_aliases.name
: Name of the alias -
sudoers_sudoers_d_files.key.runas_aliases.members
: Member(s) of the alias -
sudoers_sudoers_d_files.key.privileges
[default:[]
]: List of privileges -
sudoers_sudoers_d_files.key.privileges.name
: Name of user or group (group should be prefixed with '%') -
sudoers_sudoers_d_files.key.privileges.entry
: A privilege entry -
sudoers_sudoers_d_directory_mode
[default: keep as is]: Directory mode for/etc/sudoers.d
, e.g.'0750'
None
---
- hosts: all
roles:
- oefenweb.sudoers
---
- hosts: all
roles:
- oefenweb.sudoers
vars:
sudoers_sudoers:
defaults:
- env_reset
- exempt_group=sudo
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_aliases:
- name: CUNETS
members: 128.138.0.0/255.255.0.0
- name: SERVERS
members: master, mail, www, ns
user_aliases:
- name: FULLTIMERS
members: millert, mikef, dowdy
- name: PARTTIMERS
members: bostley, jwfox, crawl
cmnd_aliases:
- name: KILL
members: /usr/bin/kill
- name: HALT
members: /usr/sbin/halt
privileges:
- name: root
entry: "ALL=(ALL:ALL) ALL"
- name: "%admin"
entry: "ALL=(ALL) ALL"
- name: "%sudo"
entry: "ALL=NOPASSWD:ALL"
sudoers_sudoers_d_files:
test:
defaults:
- env_reset
- exempt_group=sudo
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_aliases:
- name: WORKSTATIONS
members: 128.138.0.0/255.255.0.0
privileges:
- name: test
entry: "ALL=(ALL:ALL) ALL"
MIT
- Mark van Driel
- Mischa ter Smitten
Are welcome!