sudorule: Add support for 'hostmask' parameter

The hostmask parameter allows matching a sudorule against a network address, and was missing from ipasudorule module. Documentation and tests were updated to reflect changes. Two new example playbooks are available: playbooks/sudorule/ensure-sudorule-hostmask-member-is-absent.yml playbooks/sudorule/ensure-sudorule-hostmask-member-is-present.yml
2026-03-26 21:33:05 +00:00 · 2022-09-26 16:09:15 -03:00
parent 9423eb81b7
commit d859ddc7fe
5 changed files with 188 additions and 15 deletions
--- a/playbooks/sudorule/ensure-sudorule-hostmask-member-is-absent.yml
+++ b/playbooks/sudorule/ensure-sudorule-hostmask-member-is-absent.yml
@@ -0,0 +1,14 @@
+---
+- name: Playbook to manage sudorule
+  hosts: ipaserver
+  become: no
+  gather_facts: no
+
+  tasks:
+  - name: Ensure hostmask network is absent in sudorule
+    ipasudorule:
+      ipaadmin_password: SomeADMINpassword
+      name: testrule1
+      hostmask: 192.168.122.37/24
+      action: member
+      state: absent
--- a/playbooks/sudorule/ensure-sudorule-hostmask-member-is-present.yml
+++ b/playbooks/sudorule/ensure-sudorule-hostmask-member-is-present.yml
@@ -0,0 +1,13 @@
+---
+- name: Playbook to manage sudorule
+  hosts: ipaserver
+  become: no
+  gather_facts: no
+
+  tasks:
+  - name: Ensure hostmask network is present in sudorule
+    ipasudorule:
+      ipaadmin_password: SomeADMINpassword
+      name: testrule1
+      hostmask: 192.168.122.37/24
+      action: member