mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-03-31 14:24:16 +02:00
Optimized .mds and meta/main.yml for sudo
This commit is contained in:
parent
36c76fd00e
commit
d014d25e40
20
roles/sudo/README.md
Normal file
20
roles/sudo/README.md
Normal file
@ -0,0 +1,20 @@
|
||||
# Sudo
|
||||
|
||||
## Description
|
||||
|
||||
This role installs the [sudo](https://en.wikipedia.org/wiki/Sudo) package and deploys a default sudoers file to ensure secure and consistent privilege escalation on the target system. It uses a preconfigured sudoers file that follows best practices and includes directives to read drop-in files from `/etc/sudoers.d`.
|
||||
|
||||
## Overview
|
||||
|
||||
Optimized for security and ease of administration, this role guarantees that sudo is installed and configured according to recommended practices. The provided sudoers file includes essential comments, host/user aliases, and defaults to help prevent misconfigurations.
|
||||
|
||||
## Purpose
|
||||
|
||||
The primary purpose of this role is to ensure that the target system has a reliable sudo configuration. By installing the [sudo](https://en.wikipedia.org/wiki/Sudo) package and deploying a standard sudoers file, the role facilitates proper administrative access and minimizes potential security risks.
|
||||
|
||||
## Features
|
||||
|
||||
- **Sudo Package Installation:** Installs the [sudo](https://en.wikipedia.org/wiki/Sudo) package if it is not already present.
|
||||
- **Default Sudoers Configuration:** Deploys a default sudoers file with best-practice settings.
|
||||
- **Drop-in Inclusion:** Ensures that configuration files from `/etc/sudoers.d` are included.
|
||||
- **Security Focus:** Provides commented guidelines to avoid common sudo misconfigurations.
|
24
roles/sudo/meta/main.yml
Normal file
24
roles/sudo/meta/main.yml
Normal file
@ -0,0 +1,24 @@
|
||||
---
|
||||
galaxy_info:
|
||||
author: "Kevin Veen-Birkenbach"
|
||||
description: "Installs and configures the sudo package with a default sudoers file to ensure secure privilege escalation and system administration."
|
||||
license: "CyMaIS NonCommercial License (CNCL)"
|
||||
license_url: "https://s.veen.world/cncl"
|
||||
company: |
|
||||
Kevin Veen-Birkenbach
|
||||
Consulting & Coaching Solutions
|
||||
https://www.veen.world
|
||||
min_ansible_version: "2.9"
|
||||
platforms:
|
||||
- name: Linux
|
||||
versions:
|
||||
- all
|
||||
galaxy_tags:
|
||||
- sudo
|
||||
- security
|
||||
- administration
|
||||
- configuration
|
||||
repository: "https://s.veen.world/cymais"
|
||||
issue_tracker_url: "https://s.veen.world/cymaisissues"
|
||||
documentation: "https://s.veen.world/cymais"
|
||||
dependencies: []
|
Loading…
x
Reference in New Issue
Block a user