--- - name: generate doas configuration ansible.builtin.lineinfile: path: "{{ doas_configuration_file }}" regexp: "^permit persist keepenv {{ doas_workstation_user }} as root" line: "permit persist keepenv {{ doas_workstation_user }} as root" create: true mode: 0644 owner: 0 group: 0 - name: allow reboot/shutdown/hibernate with doas ansible.builtin.lineinfile: path: "{{ doas_configuration_file }}" regexp: "^permit nopass {{ doas_workstation_user }} as root cmd {{ item }}" line: "permit nopass {{ doas_workstation_user }} as root cmd {{ item }}" loop: - ZZZ - mount - reboot - shutdown - zzz - name: check sudo binary path # noqa no-changed-when ansible.builtin.command: command -v sudo register: result failed_when: false - name: uninstall sudo binary ansible.builtin.package: name: sudo state: absent when: result.rc == 0 register: sudo ignore_errors: true