internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-03-26 21:33:05 +00:00
Code Issues Projects Releases Wiki Activity

sudorule: Add support for 'hostmask' parameter

Browse Source 
The hostmask parameter allows matching a sudorule against a network
address, and was missing from ipasudorule module.

Documentation and tests were updated to reflect changes.

Two new example playbooks are available:

    playbooks/sudorule/ensure-sudorule-hostmask-member-is-absent.yml
    playbooks/sudorule/ensure-sudorule-hostmask-member-is-present.yml
This commit is contained in:
Rafael Guterres Jeffman
2022-09-26 16:09:15 -03:00
parent 9423eb81b7
commit d859ddc7fe
5 changed files with 188 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
README-sudorule.md
View File

@@ -129,6 +129,7 @@ Variable | Description | Required
`nomembers` | Suppress processing of membership attributes. (bool) | no
`host` | List of host name strings assigned to this sudorule. | no
`hostgroup` | List of host group name strings assigned to this sudorule. | no
`hostmask` | List of host masks of allowed hosts | no
`user` | List of user name strings assigned to this sudorule. | no
`group` | List of user group name strings assigned to this sudorule. | no
`allow_sudocmd` | List of sudocmd name strings assigned to the allow group of this sudorule. | no