pyrocufflink: Configure sudo for server admins

Members of the *Server Admins* AD group need to be able to use `sudo` for privilege elevation on all domain member servers.
2018-04-08 10:52:08 -05:00
parent 984628cbbc
commit 9a2dfa261c
1 changed files with 8 additions and 0 deletions
--- a/pyrocufflink.yml
+++ b/pyrocufflink.yml
@@ -3,8 +3,16 @@
  - winbind
  - nsswitch
  - system-auth
  - sudo
  tasks:
  - name: ensure winbind is running
    service:
      name=winbind
      state=started
  - name: ensure server admins can use sudo
    copy:
      dest: /etc/sudoers.d/20_server-admins
      content: |
        %server\ admins ALL=(ALL) ALL
      mode: '0440'
      validate: visudo -cf %s