diff options
| -rw-r--r-- | ansible/roles/superusers/tasks/main.yml | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/ansible/roles/superusers/tasks/main.yml b/ansible/roles/superusers/tasks/main.yml index 70623a0..c1f5a47 100644 --- a/ansible/roles/superusers/tasks/main.yml +++ b/ansible/roles/superusers/tasks/main.yml @@ -21,11 +21,17 @@ loop_var: group include_tasks: adjust-group.yml +- name: mkdir /etc/sudoers.d + become: yes + file: + path: /etc/sudoers.d + state: directory + - name: "Allow 'sudo' group to have passwordless sudo" tags: superusers become: yes - lineinfile: - dest: /etc/sudoers - state: present - regexp: '^%sudo' - line: '%sudo ALL=(ALL) NOPASSWD: ALL' + copy: + dest: /etc/sudoers.d/superusers + content: | + {{ "Managed by Ansible" | comment }} + %sudo ALL=(ALL) NOPASSWD: ALL |