baseline_sudo¶
The cake function baseline_sudo executes the Blunix Ansible role-sudo, which installs and configures sudo to grant password-based or password-less access to root permissions. The role installs the sudo apt package and configures /etc/sudoers.
Information¶
| Key | Value |
|---|---|
| Playbook path | plays/baseline/sudo.yml |
| Role | https://git.blunix.com/ansible-roles/role-sudo |
| Tags | https://git.blunix.com/ansible-roles/role-sudo/-/tags |
| Defaults | https://git.blunix.com/ansible-roles/role-sudo/-/blob/master/defaults/main.yml |
| Config file | Description |
|---|---|
| /etc/sudoers | Defines rules on which Linux users and groups may use sudo for what |
Example¶
inventory/group_vars/cus_tool_prod_myapp:
sudo_user_aliases:
- "ADMINS = %sudo,%myapp"
- "TEST = %sudo,%myapp"
sudo_host_aliases:
- "TEST = localhost"
sudo_runas_aliases:
- "ROOT = #0"
sudo_permissions:
- "root ALL=(ALL:ALL) ALL"
- "%sudo ALL=(ALL:ALL) ALL"
- "ADMINS ALL=(ALL) NOPASSWD:ALL"
- "TEST TEST=(ROOT) NOPASSWD:ALL"