mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-05-14 21:42:17 +00:00
fce3935d03
There is a new sudocmdgroup management module placed in the plugins folder: plugins/modules/ipasudocmdgroup.py The sudocmdgroup module allows to add or remove sudo command groups.. The sudocmdgroup module is as compatible as possible to the Ansible upstream ipa_sudocmdgroup module, and additionally offers to ensure member presence and absence. Here is the documentation for the module: README-sudocmdgroup.md New example playbooks have been added: playbooks/sudocmd/ensure-sudocmdgroup-is-absent.yml playbooks/sudocmd/ensure-sudocmdgroup-is-present.yml playbooks/sudocmd/ensure-sudocmd-is-absent-in-sudocmdgroup.yml playbooks/sudocmd/ensure-sudocmd-is-present-in-sudocmdgroup.yml A test playbook is provided in: tests/sudocmdgroup/test_sudocmdgroup.yml Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>
23 lines
486 B
YAML
23 lines
486 B
YAML
---
|
|
- name: Playbook to handle sudocmdgroups
|
|
hosts: ipaserver
|
|
become: true
|
|
|
|
tasks:
|
|
# Ensure sudo commands are present
|
|
- ipasudocmd:
|
|
ipaadmin_password: MyPassword123
|
|
name:
|
|
- /usr/sbin/ifconfig
|
|
- /usr/sbin/iwlist
|
|
state: present
|
|
|
|
# Ensure sudo commands are present in existing sudocmdgroup
|
|
- ipasudocmdgroup:
|
|
ipaadmin_password: MyPassword123
|
|
name: network
|
|
sudocmd:
|
|
- /usr/sbin/ifconfig
|
|
- /usr/sbin/iwlist
|
|
action: member
|