blob: 2d36f2ba4ac4e9eda891817fe38c49c268c4e44c (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
- name: include operating system sensible task
include_tasks: "_{{ ansible_distribution | lower }}.yml"
tags: sysconf
- name: generate doas configuration
lineinfile:
path: /etc/doas.conf
regexp: "^permit persist keepenv {{ ws_user }} as root"
line: "permit persist keepenv {{ ws_user }} as root"
create: true
mode: 0644
owner: 0
group: 0
- name: allow reboot/shutdown/hibernate with doas
lineinfile:
path: /etc/doas.conf
regexp: "^permit nopass {{ ws_user }} as root cmd {{ item }}"
line: "permit nopass {{ ws_user }} as root cmd {{ item }}"
loop:
- ZZZ
- mount
- reboot
- shutdown
- zzz
- name: start and enable pcscd service
service:
name: pcscd
state: started
enabled: true
- name: check sudo binary path
shell: which sudo
register: result
failed_when: false
- name: uninstall sudo binary
package:
name: sudo
state: absent
when: result.rc == 0
register: sudo
ignore_errors: true
|
