superuser: Fixes from clean machine.

author: Trygve Laugstøl <trygvis@inamo.no> 2020-10-25 19:19:28 +0100
committer: Trygve Laugstøl <trygvis@inamo.no> 2020-10-25 19:19:28 +0100
commit: a3337c3156c986b0ed64f1cedf3e4d78ef76b92b (patch)
tree: 5a9f261add57588eaac022a8b1ecf66adc19a0fa
parent: 59f913cc1efa21bd8df1a395d4d20f0b451965c2 (diff)
download: infra-a3337c3156c986b0ed64f1cedf3e4d78ef76b92b.tar.gz
infra-a3337c3156c986b0ed64f1cedf3e4d78ef76b92b.tar.bz2
infra-a3337c3156c986b0ed64f1cedf3e4d78ef76b92b.tar.xz
infra-a3337c3156c986b0ed64f1cedf3e4d78ef76b92b.zip
1 files changed, 11 insertions, 5 deletions
diff --git a/ansible/roles/superusers/tasks/main.yml b/ansible/roles/superusers/tasks/main.yml
index 70623a0..c1f5a47 100644
--- a/ansible/roles/superusers/tasks/main.yml
+++ b/ansible/roles/superusers/tasks/main.yml
@@ -21,11 +21,17 @@
     loop_var: group
   include_tasks: adjust-group.yml
 
+- name: mkdir /etc/sudoers.d
+  become: yes
+  file:
+    path: /etc/sudoers.d
+    state: directory
+
 - name: "Allow 'sudo' group to have passwordless sudo"
   tags: superusers
   become: yes
-  lineinfile:
-    dest: /etc/sudoers
-    state: present
-    regexp: '^%sudo'
-    line: '%sudo ALL=(ALL) NOPASSWD: ALL'
+  copy:
+    dest: /etc/sudoers.d/superusers
+    content: |
+      {{ "Managed by Ansible" | comment }}
+      %sudo ALL=(ALL) NOPASSWD: ALL
author	Trygve Laugstøl <trygvis@inamo.no>	2020-10-25 19:19:28 +0100
committer	Trygve Laugstøl <trygvis@inamo.no>	2020-10-25 19:19:28 +0100
commit	a3337c3156c986b0ed64f1cedf3e4d78ef76b92b (patch)
tree	5a9f261add57588eaac022a8b1ecf66adc19a0fa
parent	59f913cc1efa21bd8df1a395d4d20f0b451965c2 (diff)
download	infra-a3337c3156c986b0ed64f1cedf3e4d78ef76b92b.tar.gz infra-a3337c3156c986b0ed64f1cedf3e4d78ef76b92b.tar.bz2 infra-a3337c3156c986b0ed64f1cedf3e4d78ef76b92b.tar.xz infra-a3337c3156c986b0ed64f1cedf3e4d78ef76b92b.zip