mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-06-11 11:15:55 +00:00
dc0a5585fb
This patch adds the following attributes to ipasudorule:
- order
- sudooption
- runasuser
- runasgroup
It also fixes behavior of sudocmd assigned to the the sudorule, with the
adittion of the attributes:
- allow_sudocmds
- deny_sudocmds
- allow_sudocmdgroups
- deny_sudocmdgroups
README-sudorule and tests have been updated to comply with the changes.
15 lines
295 B
YAML
15 lines
295 B
YAML
---
|
|
- name: Tests
|
|
hosts: ipaserver
|
|
become: true
|
|
|
|
tasks:
|
|
# Ensure sudorule command is present
|
|
- ipasudorule:
|
|
ipaadmin_password: MyPassword123
|
|
name: testrule1
|
|
description: A test sudo rule.
|
|
allow_sudocmd: /bin/ls
|
|
deny_sudocmd: /bin/vim
|
|
state: present
|